General

  • Target

    0a7bb504bdceca0d03921b4cbfe7915917685afd405ebafab719d2236c8ab35f

  • Size

    13KB

  • MD5

    5a3add93e1b4dda822740d10cf2af47c

  • SHA1

    629eaf11accf121dab45a97b774fcf9486bb2cbb

  • SHA256

    0a7bb504bdceca0d03921b4cbfe7915917685afd405ebafab719d2236c8ab35f

  • SHA512

    f8d54563905bd5c0c7c3a24eff36d3576df154321692688627d4d2c967c28d83401374204b70dfb8c67f695742a4f6cd2e49ce5b1020596004c0e3e6d07374d9

  • SSDEEP

    384:Q9rFrli7iyBHcLw0KLPAqVjaUk0YLzAkvYJSJFL4sBh3/Nrw:cVuikHNY21OUKY0JFMsBha

Score
10/10

Malware Config

Extracted

Family

limerat

Wallets

12abaLRKG8Mg2F6V5jU3ek8FgMopZd9KEg

Attributes
  • aes_key

    4

  • antivm

    true

  • c2_url

    https://pastebin.com/raw/uSLpq9XN

  • delay

    5

  • download_payload

    false

  • install

    true

  • install_name

    officework.exe

  • main_folder

    Temp

  • pin_spread

    true

  • sub_folder

    \

  • usb_spread

    false

Signatures

Files

  • 0a7bb504bdceca0d03921b4cbfe7915917685afd405ebafab719d2236c8ab35f
    .rar
  • masarati.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

