General
-
Target
9fn73.9no36Ta58NT09.msi
-
Size
4.7MB
-
Sample
250710-l3ldssfn41
-
MD5
de11340689f62dd83e53bb2d7c348435
-
SHA1
be8f3f5d590d4288887dd95944c2a4f6e7b7809e
-
SHA256
998c36e40f2ea404d9f8d66fd4815adedae74a91a7fd3c02d0ab4196195650f3
-
SHA512
e14d6bacfe1aca4f9738bca46506b9a11d373d83ab5bf09c5692203e67d9f50bce64283924aa9c66569055361510f74755fa92d8ebb70eb0e15e527b35a2a56e
-
SSDEEP
98304:oxMvAtKknz5vqu9sRe4frUMXjcYm5mg8r5lAQwJLx1ZAb+cveE8K6F2csq1P:obYu9sRVjW5mg8o9nAScvtXu2tE
Static task
static1
Behavioral task
behavioral1
Sample
9fn73.9no36Ta58NT09.msi
Resource
win10v2004-20250502-en
Malware Config
Targets
-
Detect JanelaRAT payload
-
Janelarat family
-
Adds Run key to start application
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v16
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Installer Packages (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Event Triggered Execution (1)
Installer Packages (1)