hiverat | 93976f0e20d71604b9d3cb4de0046d874f763aa9ef701ef65feaa5d4a8152bdd | Triage

Submit
Reports

Overview

overview

Static

static

93976f0e20...dd.exe

windows7_x64

93976f0e20...dd.exe

windows10-2004_x64

Sharing

General

Target

93976f0e20d71604b9d3cb4de0046d874f763aa9ef701ef65feaa5d4a8152bdd
Size

333KB
Sample

220415-llc14afghj
MD5

c9fbb0b249181bda2fd97576a58e9292
SHA1

e0e64d6903b514ac554b59d2b082b04d8f1df46b
SHA256

93976f0e20d71604b9d3cb4de0046d874f763aa9ef701ef65feaa5d4a8152bdd
SHA512

1750c75df8b99ddd88f998a8136fb151af8804ea2f29cba2af5651948788a0e20a0623bbc0e313b281b0f11aefafb14c34cb09c11b8b5e24ed0230260bf9eca9

Score

10^/10

hiverat rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

93976f0e20d71604b9d3cb4de0046d874f763aa9ef701ef65feaa5d4a8152bdd.exe

Resource

win7-20220414-en

hiverat rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

93976f0e20d71604b9d3cb4de0046d874f763aa9ef701ef65feaa5d4a8152bdd.exe

Resource

win10v2004-20220414-en

hiverat rat stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  93976f0e20d71604b9d3cb4de0046d874f763aa9ef701ef65feaa5d4a8152bdd
- Size
  
  333KB
- MD5
  
  c9fbb0b249181bda2fd97576a58e9292
- SHA1
  
  e0e64d6903b514ac554b59d2b082b04d8f1df46b
- SHA256
  
  93976f0e20d71604b9d3cb4de0046d874f763aa9ef701ef65feaa5d4a8152bdd
- SHA512
  
  1750c75df8b99ddd88f998a8136fb151af8804ea2f29cba2af5651948788a0e20a0623bbc0e313b281b0f11aefafb14c34cb09c11b8b5e24ed0230260bf9eca9
Score

10^/10

hiverat rat stealer
- HiveRAT
  HiveRAT is an improved version of FirebirdRAT with various capabilities.
  rat stealer hiverat
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
- HiveRAT Payload
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hiveratratstealer

behavioral2

hiveratratstealer

© 2018-2024

Terms | Privacy