General

  • Target

    4ea8f9545fbeb50d8ec21afe019180a6b3dea6e109273bf284d85d22295b63a6.exe

  • Size

    190KB

  • Sample

    241121-b6c7gsxpdx

  • MD5

    808da5fbcb92c3d5fe72b5863f552e04

  • SHA1

    768ee1118607ef553772b63e6887102001c52ae4

  • SHA256

    4ea8f9545fbeb50d8ec21afe019180a6b3dea6e109273bf284d85d22295b63a6

  • SHA512

    986010adb83d05f32ced4998f99ce683409ab64786abbcdbac79d513e1a4b215d68adc003049d824629cc9c37d585dce8033204f76ef1bb8ec585c37f4a21005

  • SSDEEP

    3072:hupjxpGPQvZKwsD3KEFCIZtJAfBMIn8EBvud2ZsorFRXoOTqJBVcBryX:0xpHvswsD379zaqy1WEZVnooqirI

Targets

    • Njrat family

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
