General

  • Target

    c52329b3f7d86f8845f0a8ac10ddf8f9197f65cee7db1afaac71fd66e29249fbN

  • Size

    1017KB

  • Sample

    241011-2dkzqssbnp

  • MD5

    b9d1281cc35d5a9e43e5a973f252add0

  • SHA1

    55cccb436a78a85325d8a3ca8df529bdd855a648

  • SHA256

    c52329b3f7d86f8845f0a8ac10ddf8f9197f65cee7db1afaac71fd66e29249fb

  • SHA512

    28ec43eee9520807d496e1cf4e90348cedc480ba7e345c9b69cb2586fa1c3937c9f1b951b3deecd51e7fb04f4c2c265abb01abc2ff6e764c9c468143925cd015

  • SSDEEP

    12288:zZVVPwiE/xzp4yXyjHy15n4/7iFf/LnJFhP4lS8kGUb55aY6KoAjV3La1Ixd2hc6:z1wrp4/gAX+63YxWcE

Targets

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application
