hiverat | a89f8ac927cabea259a47a4c7788e3daf95056913070fca186cbd80f35b9ba1e | Triage

Submit
Reports

Overview

overview

Static

static

a89f8ac927...1e.exe

windows7_x64

a89f8ac927...1e.exe

windows10-2004_x64

Sharing

General

Target

a89f8ac927cabea259a47a4c7788e3daf95056913070fca186cbd80f35b9ba1e
Size

328KB
Sample

220501-3ej99secf5
MD5

e8068367588a8265d548f30a1f44e8a6
SHA1

29db35a706c1be8dd53569697ae8df40d824c56f
SHA256

a89f8ac927cabea259a47a4c7788e3daf95056913070fca186cbd80f35b9ba1e
SHA512

27c1bc885c17a5ed7cb9d7634172abf61256a44af90759a403fe16d4eb4d0f4a24269682cffacbedf0cf2e3efabbff03ff2757d0f40adf948b6c691702626de9

Score

10^/10

hiverat rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

a89f8ac927cabea259a47a4c7788e3daf95056913070fca186cbd80f35b9ba1e.exe

Resource

win7-20220414-en

hiverat rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a89f8ac927cabea259a47a4c7788e3daf95056913070fca186cbd80f35b9ba1e.exe

Resource

win10v2004-20220414-en

hiverat rat stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a89f8ac927cabea259a47a4c7788e3daf95056913070fca186cbd80f35b9ba1e
- Size
  
  328KB
- MD5
  
  e8068367588a8265d548f30a1f44e8a6
- SHA1
  
  29db35a706c1be8dd53569697ae8df40d824c56f
- SHA256
  
  a89f8ac927cabea259a47a4c7788e3daf95056913070fca186cbd80f35b9ba1e
- SHA512
  
  27c1bc885c17a5ed7cb9d7634172abf61256a44af90759a403fe16d4eb4d0f4a24269682cffacbedf0cf2e3efabbff03ff2757d0f40adf948b6c691702626de9
Score

10^/10

hiverat rat stealer
- HiveRAT
  HiveRAT is an improved version of FirebirdRAT with various capabilities.
  rat stealer hiverat
- Beds Protector Packer
  Detects Beds Protector packer used to load .NET malware.
- HiveRAT Payload
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hiveratratstealer

behavioral2

hiveratratstealer

© 2018-2024

Terms | Privacy