General

  • Target

    01b5f44cdf8085044c0f6b42f7cc1159d813e599deb76ed6e02c78c1833b717a

  • Size

    28KB

  • MD5

    5b70d0093091a03dec58ec96331a3e60

  • SHA1

    65e9bbb4651d0137d252977d12391d3a3a7d9edc

  • SHA256

    01b5f44cdf8085044c0f6b42f7cc1159d813e599deb76ed6e02c78c1833b717a

  • SHA512

    4d9a87b97e57621df3337b5d1b214e30f794545dcb47ff887b7fabf7186cf395ad64c3b061ce7e7ee0d399f3358b3cb172ca23f63f4c4c09b6ee52ed406e1e24

  • SSDEEP

    384:GE0WnRVTwsYmtBpowfafhpiYR93u8xItMkDFVvDuNrCeJE3WN51dScIna7iqbM/a:bTb8wippj9+FtrJlk5NbdInJqbMgVY

Score
10/10

Malware Config

Extracted

Family

limerat

Wallets

1NVdWmBPhq364foSwdwNskjpvkcCdEDymb

Attributes
  • aes_key

    88

  • antivm

    true

  • c2_url

    https://pastebin.com/raw/wCACXBsj

  • delay

    3

  • download_payload

    false

  • install

    true

  • install_name

    Wservices.exe

  • main_folder

    Temp

  • pin_spread

    true

  • sub_folder

    \

  • usb_spread

    true

Signatures

Files

  • 01b5f44cdf8085044c0f6b42f7cc1159d813e599deb76ed6e02c78c1833b717a
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

