General
- Target: 7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25
- Size: 28KB
- Sample: 220520-fsmwzsdhgq
- MD5: 9220908d5a045aa7f91178fd4397279c
- SHA1: ee397c59c649b64358991fb83f26d112bc29884b
- SHA256: 7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25
- SHA512: 0027404f8461316ccc35acf9590e652ab26196f245983b9d95fcd814af5821011c9ea68269266877c0547c9567702c87221566663bd7c34a03d956266a8d108d
Static task
static1
Behavioral task
behavioral1
Sample
7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25.exe
Resource
win7-20220414-en
Malware Config
Extracted
limerat
- aes_key: лох
- antivm: false
- c2_url: https://pastebin.com/raw/fveTzd7d
- delay: 3
- download_payload: false
- install: false
- install_name: Wservice.exe
- main_folder: Temp
- pin_spread: false
- sub_folder: \
- usb_spread: false
Targets
- Target: 7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25
Legitimate hosting services abused for malware hosting/C2
-