General

  • Target

    7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25

  • Size

    28KB

  • Sample

    220520-fsmwzsdhgq

  • MD5

    9220908d5a045aa7f91178fd4397279c

  • SHA1

    ee397c59c649b64358991fb83f26d112bc29884b

  • SHA256

    7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25

  • SHA512

    0027404f8461316ccc35acf9590e652ab26196f245983b9d95fcd814af5821011c9ea68269266877c0547c9567702c87221566663bd7c34a03d956266a8d108d

Score
10/10

Malware Config

Extracted

Family

limerat

Attributes
  • aes_key

    лох

  • antivm

    false

  • c2_url

    https://pastebin.com/raw/fveTzd7d

  • delay

    3

  • download_payload

    false

  • install

    false

  • install_name

    Wservice.exe

  • main_folder

    Temp

  • pin_spread

    false

  • sub_folder

    \

  • usb_spread

    false

Targets

    • Target

      7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25

    • Size

      28KB

    • MD5

      9220908d5a045aa7f91178fd4397279c

    • SHA1

      ee397c59c649b64358991fb83f26d112bc29884b

    • SHA256

      7f74e05d171972713c8b1939080c50eb7df9a9967f0b173ec066b9d265a08e25

    • SHA512

      0027404f8461316ccc35acf9590e652ab26196f245983b9d95fcd814af5821011c9ea68269266877c0547c9567702c87221566663bd7c34a03d956266a8d108d

    Score
    10/10
    • LimeRAT

      Simple yet powerful RAT for Windows machines written in .NET.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks