hiverat | 528f620f2cd3e22ce81c119a51801527a0ca2a1e5f3c05cf31591a28858359c4 | Triage

Submit
Reports

Overview

overview

Static

static

528f620f2c...c4.exe

windows7_x64

528f620f2c...c4.exe

windows10-2004_x64

Sharing

General

Target

528f620f2cd3e22ce81c119a51801527a0ca2a1e5f3c05cf31591a28858359c4
Size

955KB
Sample

220324-yc3xdaded9
MD5

38c0511fa37c2f89a7a64f98065fc8a5
SHA1

e279a64626c4819727390916993a679ce22ab183
SHA256

528f620f2cd3e22ce81c119a51801527a0ca2a1e5f3c05cf31591a28858359c4
SHA512

38e254745b5843b1edfa08e0676265b3dd13e7b5131fa3094690f3e0975e3f98b90ad871184edd0f9efe31687b96ab634db28ae5058dca776f23fe0a807d5082

Score

10^/10

hiverat rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

528f620f2cd3e22ce81c119a51801527a0ca2a1e5f3c05cf31591a28858359c4.exe

Resource

win7-20220311-en

hiverat rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

528f620f2cd3e22ce81c119a51801527a0ca2a1e5f3c05cf31591a28858359c4.exe

Resource

win10v2004-en-20220113

hiverat rat stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  528f620f2cd3e22ce81c119a51801527a0ca2a1e5f3c05cf31591a28858359c4
- Size
  
  955KB
- MD5
  
  38c0511fa37c2f89a7a64f98065fc8a5
- SHA1
  
  e279a64626c4819727390916993a679ce22ab183
- SHA256
  
  528f620f2cd3e22ce81c119a51801527a0ca2a1e5f3c05cf31591a28858359c4
- SHA512
  
  38e254745b5843b1edfa08e0676265b3dd13e7b5131fa3094690f3e0975e3f98b90ad871184edd0f9efe31687b96ab634db28ae5058dca776f23fe0a807d5082
Score

10^/10

hiverat rat stealer
- HiveRAT
  HiveRAT is an improved version of FirebirdRAT with various capabilities.
  rat stealer hiverat
- HiveRAT Payload
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hiveratratstealer

behavioral2

hiveratratstealer

© 2018-2024

Terms | Privacy