Overview

overview

10

Static

static

040c45babc...2a.exe

windows7_x64

10

040c45babc...2a.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a

  • Size

    746KB

  • Sample

    210515-rnnx4fm2ya

  • MD5

    3dfd779873c3aa2e48ca25add371d73e

  • SHA1

    487e18f213332a8f92e8b1ab2449f35eec66931c

  • SHA256

    040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a

  • SHA512

    fabb550f212b162a709d44ce39c23c4fbf7c5da264cdd49eccbb5752a773b04cf085ab210b8ebd01f8da762401f322e42dc4f5799beaa477f9620226a1997e8e

Score
10/10
webmonitorbackdoorinfostealerpersistencerat

Malware Config

Targets

    • Target

      040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a

    • Size

      746KB

    • MD5

      3dfd779873c3aa2e48ca25add371d73e

    • SHA1

      487e18f213332a8f92e8b1ab2449f35eec66931c

    • SHA256

      040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a

    • SHA512

      fabb550f212b162a709d44ce39c23c4fbf7c5da264cdd49eccbb5752a773b04cf085ab210b8ebd01f8da762401f322e42dc4f5799beaa477f9620226a1997e8e

    Score
    10/10
    webmonitorbackdoorinfostealerpersistencerat

    • RevcodeRat, WebMonitorRat

      WebMonitor is a remote access tool that you can use from any browser access to control, and monitor your phones, or PCs.

      backdoorratinfostealerwebmonitor

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks