webmonitor | 040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a | Triage

Sharing

General

Target

040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a
Size

746KB
Sample

210515-rnnx4fm2ya
MD5

3dfd779873c3aa2e48ca25add371d73e
SHA1

487e18f213332a8f92e8b1ab2449f35eec66931c
SHA256

040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a
SHA512

fabb550f212b162a709d44ce39c23c4fbf7c5da264cdd49eccbb5752a773b04cf085ab210b8ebd01f8da762401f322e42dc4f5799beaa477f9620226a1997e8e

Score

10^/10

webmonitor backdoor infostealer persistence rat

Malware Config

Targets

- Target
  
  040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a
- Size
  
  746KB
- MD5
  
  3dfd779873c3aa2e48ca25add371d73e
- SHA1
  
  487e18f213332a8f92e8b1ab2449f35eec66931c
- SHA256
  
  040c45babc21c9d265f313350132ea4b6fda7765e6ff41a953624abbd418b32a
- SHA512
  
  fabb550f212b162a709d44ce39c23c4fbf7c5da264cdd49eccbb5752a773b04cf085ab210b8ebd01f8da762401f322e42dc4f5799beaa477f9620226a1997e8e
Score

10^/10

webmonitor backdoor infostealer persistence rat
- RevcodeRat, WebMonitorRat
  WebMonitor is a remote access tool that you can use from any browser access to control, and monitor your phones, or PCs.
  backdoor rat infostealer webmonitor
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

webmonitorbackdoorinfostealerpersistencerat

behavioral2

webmonitorbackdoorinfostealerpersistencerat