Overview

overview

10

Static

static

10

Trojan.Win...er.exe

windows7-x64

10

Trojan.Win...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Trojan.Win32.Cerber.pz-7aee758bcd2410bfe16341ea7cf53ef10f1de4a4b748f058a01d14ae2115a3ceN

  • Size

    337KB

  • Sample

    240916-hmcj6sthml

  • MD5

    d247198d532f0054fd247c3fea76f070

  • SHA1

    ac77860905c91bb3dabc010279be74de59fff420

  • SHA256

    7aee758bcd2410bfe16341ea7cf53ef10f1de4a4b748f058a01d14ae2115a3ce

  • SHA512

    c7e3708fcdaecfdb75edc9dbd56e1cb425cdb60f0dcd24b654bf0a779caea2bd75c3e671cab8e2b3d65926af9621f2eed55090eb7367afe2cbdc38655c20cc07

  • SSDEEP

    3072:ljkgv7J8427RSgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:egv7JAS1+fIyG5jZkCwi8r

Score
10/10
njratdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      Trojan.Win32.Cerber.pz-7aee758bcd2410bfe16341ea7cf53ef10f1de4a4b748f058a01d14ae2115a3ceN

    • Size

      337KB

    • MD5

      d247198d532f0054fd247c3fea76f070

    • SHA1

      ac77860905c91bb3dabc010279be74de59fff420

    • SHA256

      7aee758bcd2410bfe16341ea7cf53ef10f1de4a4b748f058a01d14ae2115a3ce

    • SHA512

      c7e3708fcdaecfdb75edc9dbd56e1cb425cdb60f0dcd24b654bf0a779caea2bd75c3e671cab8e2b3d65926af9621f2eed55090eb7367afe2cbdc38655c20cc07

    • SSDEEP

      3072:ljkgv7J8427RSgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:egv7JAS1+fIyG5jZkCwi8r

    Score
    10/10
    njratdiscoverypersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks