General
-
Target
9acd975f4c97ed6d72af28fe63cd828eddaf394a3c6cec34c74739ebcb2005d6N.exe
-
Size
77KB
-
Sample
241219-3twlvatpgk
-
MD5
e993cfb6e61851f8e4b8a0de1109e7e0
-
SHA1
7ed75b6f3d933016bb4064900780fdf702889e09
-
SHA256
9acd975f4c97ed6d72af28fe63cd828eddaf394a3c6cec34c74739ebcb2005d6
-
SHA512
ff3b842bc78179bf267852b7f1a73159db146e319f064b556d92c71a968c5061675377ad7e1663cdf2ca98b9f5d10a0ed64037f5223bd217f053e8bda1c6f1ad
-
SSDEEP
1536:c+egCWviDlboRh2Zz6XGuM3M9vxG33eSORdRujx7zG3zJB52HB:cICWqboSx6e3MFC3elRdROVzG352HB
Malware Config
Targets
-
-
Target
9acd975f4c97ed6d72af28fe63cd828eddaf394a3c6cec34c74739ebcb2005d6N.exe
-
Size
77KB
-
MD5
e993cfb6e61851f8e4b8a0de1109e7e0
-
SHA1
7ed75b6f3d933016bb4064900780fdf702889e09
-
SHA256
9acd975f4c97ed6d72af28fe63cd828eddaf394a3c6cec34c74739ebcb2005d6
-
SHA512
ff3b842bc78179bf267852b7f1a73159db146e319f064b556d92c71a968c5061675377ad7e1663cdf2ca98b9f5d10a0ed64037f5223bd217f053e8bda1c6f1ad
-
SSDEEP
1536:c+egCWviDlboRh2Zz6XGuM3M9vxG33eSORdRujx7zG3zJB52HB:cICWqboSx6e3MFC3elRdROVzG352HB
Score10/10-
Njrat family
-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
1