hiverat | 627d08aae07f05b8a597c9ad2d4d3513ba107f628a4a38727f5a623889b66aad | Triage

Submit
Reports

Overview

overview

Static

static

627d08aae0...ad.exe

windows7_x64

627d08aae0...ad.exe

windows10-2004_x64

Sharing

General

Target

627d08aae07f05b8a597c9ad2d4d3513ba107f628a4a38727f5a623889b66aad
Size

412KB
Sample

220309-q24afabfcp
MD5

9f623866564f2db35e45d61a6dee76c8
SHA1

408cf5d7bda367ea9f5db402824b5534f071b123
SHA256

627d08aae07f05b8a597c9ad2d4d3513ba107f628a4a38727f5a623889b66aad
SHA512

4b4fe3fab8a5ccd14923253cb319efe87260222d5f60a9f5b32f8fefca11306b27fbdefa7892b3f2828d150913a904408e338538e7b8f4e9fa0021b8ee8b3296

Score

10^/10

hiverat rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

627d08aae07f05b8a597c9ad2d4d3513ba107f628a4a38727f5a623889b66aad.exe

Resource

win7-20220223-en

hiverat rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

627d08aae07f05b8a597c9ad2d4d3513ba107f628a4a38727f5a623889b66aad.exe

Resource

win10v2004-20220310-en

hiverat rat stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  627d08aae07f05b8a597c9ad2d4d3513ba107f628a4a38727f5a623889b66aad
- Size
  
  412KB
- MD5
  
  9f623866564f2db35e45d61a6dee76c8
- SHA1
  
  408cf5d7bda367ea9f5db402824b5534f071b123
- SHA256
  
  627d08aae07f05b8a597c9ad2d4d3513ba107f628a4a38727f5a623889b66aad
- SHA512
  
  4b4fe3fab8a5ccd14923253cb319efe87260222d5f60a9f5b32f8fefca11306b27fbdefa7892b3f2828d150913a904408e338538e7b8f4e9fa0021b8ee8b3296
Score

10^/10

hiverat rat stealer
- HiveRAT
  HiveRAT is an improved version of FirebirdRAT with various capabilities.
  rat stealer hiverat
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
- HiveRAT Payload
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hiveratratstealer

behavioral2

hiveratratstealer

© 2018-2024

Terms | Privacy