Overview

overview

10

Static

static

7696274f62...5a.exe

windows7_x64

10

7696274f62...5a.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7696274f6270b793b2dffc5b283a104be475d79b440500478780e24f6436fd5a.zip

  • Size

    1.4MB

  • Sample

    210805-zjmsnxalss

  • MD5

    00dce7534b9dd5c1bd220afe1e86cb4d

  • SHA1

    e8ab81bc0593024ca2ebd22e31d3c292c8a66fbb

  • SHA256

    3caf291b46329aef3a6dc1b90284ad350ead66ffbceb0abbb08f00a06ced7a25

  • SHA512

    ee000fcb6697953374d9b9b6c02416d106246d000136a2a4bafc00513749fc952ea1ae5052dd4db261fa47355c06403608d9e578f9d85f180feff58767d49e7c

Score
10/10
webmonitorbackdoorinfostealerrat

Malware Config

Targets

    • Target

      7696274f6270b793b2dffc5b283a104be475d79b440500478780e24f6436fd5a.exe

    • Size

      1.9MB

    • MD5

      1372b32848411ad39f19abe9d74b052f

    • SHA1

      b47548451a323c3ae62b25ee6b65f1fe76837639

    • SHA256

      7696274f6270b793b2dffc5b283a104be475d79b440500478780e24f6436fd5a

    • SHA512

      ed15a4855f25b2ff6a00c2e19c4def71aac1d27945d249dbb26718107dbe48a4c3176be1e07cd1f5de29b7d3aeffb2530fb89c70c0f1e9ba77dc0c9bd3396942

    Score
    10/10
    webmonitorbackdoorinfostealerrat

    • RevcodeRat, WebMonitorRat

      WebMonitor is a remote access tool that you can use from any browser access to control, and monitor your phones, or PCs.

      backdoorratinfostealerwebmonitor

    • WebMonitor Payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks