Overview

overview

10

Static

static

247224c99f...fa.exe

windows7_x64

10

247224c99f...fa.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    247224c99fceb82691532d78441f3f419b3ed2d64559c09ab29dc71d1841affa

  • Size

    516KB

  • Sample

    220309-q534vabfgk

  • MD5

    a017058b040b5a38add4f95861a11f67

  • SHA1

    f5fd43a5f9c48b21b83b778ae1ffe1f7ede0283b

  • SHA256

    247224c99fceb82691532d78441f3f419b3ed2d64559c09ab29dc71d1841affa

  • SHA512

    64f6c8b098c136f7ce375e76d8c53f7797a2e7fb1ea45192947a563eef8b8b45dc1ff7d3b923b23ab84ae8fece04def040f3f0098eae175980319a7207f9d692

Score
10/10
hiveratratstealer

Malware Config

Targets

    • Target

      247224c99fceb82691532d78441f3f419b3ed2d64559c09ab29dc71d1841affa

    • Size

      516KB

    • MD5

      a017058b040b5a38add4f95861a11f67

    • SHA1

      f5fd43a5f9c48b21b83b778ae1ffe1f7ede0283b

    • SHA256

      247224c99fceb82691532d78441f3f419b3ed2d64559c09ab29dc71d1841affa

    • SHA512

      64f6c8b098c136f7ce375e76d8c53f7797a2e7fb1ea45192947a563eef8b8b45dc1ff7d3b923b23ab84ae8fece04def040f3f0098eae175980319a7207f9d692

    Score
    10/10
    hiveratratstealer

    • HiveRAT

      HiveRAT is an improved version of FirebirdRAT with various capabilities.

      ratstealerhiverat

    • HiveRAT Payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks