General

  • Target

    Console Sniffer Cracked.7z

  • Size

    8.1MB

  • Sample

    210620-2rrybcdc3n

  • MD5

    744caddbbe8882685d201821c7bf3157

  • SHA1

    1f51cfb1f71fdaa4a3b3ab0a5f38e484bb2965c9

  • SHA256

    9dd4a95031cc128d8ca15aa0daba60ae2f897e56483eb70bc7859cebcdd60cda

  • SHA512

    65ef5ea50faac73a2ad33c3ebab171944547055b1a7cccf2aae2fa1ba2f8b2e00c45e0b58a30dc7645f7a89f187f6f6e89bc4f4c5ec7319638af1fa3f616dcf9

Score
10/10

Targets

    • Target

      Console Sniffer Cracked/ConsoleSniffer v4.1 installer.exe

    • Size

      7.9MB

    • MD5

      61d8ca5f3ec331a08c9032840b99eb5b

    • SHA1

      dc73d785c3e899a58a5616239e89d3fd3d49bb93

    • SHA256

      a342e3327fc258c1634ffd9e27f0635bd2dc8aeada903d2cac0c5e1ab2e00811

    • SHA512

      f8150b1be4559c350467bfb941e6fee1d3dbcd97111e92d55edc047f9fde6b8bc7f63cdbd595f6378e781cadaa69eeeda38d440f02792a48562523e7d97b7ebb

    Score
    10/10
    • HiveRAT

      HiveRAT is an improved version of FirebirdRAT with various capabilities.

    • HiveRAT Payload

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      Console Sniffer Cracked/ServerBypass.dll

    • Size

      1.1MB

    • MD5

      2ed642b52d78bf240ac0dbe57f372fb2

    • SHA1

      ad668ab8c218d6a5649550ed760da0012825e961

    • SHA256

      949d2f6be4bccae3cc1418958e581d50e111b431254f6bbf48f057facadf9603

    • SHA512

      c50270a5b8294a8aeb780560ad5c6212c061c1a1c8086ab93f5de2d929e67333e2177fb945733fa2f40e6b6c6ebc63b84ea4c6a3174d316473ed4611a6e0cc20

    Score
    1/10
