hiverat | faedba78d76455d390dcc0588860d6016f875d7c844ab7f954894b6843cecf6d | Triage

Submit
Reports

Overview

overview

Static

static

faedba78d7...6d.exe

windows7_x64

faedba78d7...6d.exe

windows10-2004_x64

Sharing

General

Target

faedba78d76455d390dcc0588860d6016f875d7c844ab7f954894b6843cecf6d
Size

236KB
Sample

220524-z4qa2accbn
MD5

2db12e4adb813900423f57caa32435c2
SHA1

cb2627fcef6e94699aa325cdd7428257cabcb93f
SHA256

faedba78d76455d390dcc0588860d6016f875d7c844ab7f954894b6843cecf6d
SHA512

fc7334905db1348c3ba346edca12f51b1e59fcb43c4eef19f1e546e18c201d76cadcf2088f15a33f269b04a4034b48668028735071ec726b576d0cbb25a8d048

Score

10^/10

hiverat rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

faedba78d76455d390dcc0588860d6016f875d7c844ab7f954894b6843cecf6d.exe

Resource

win7-20220414-en

hiverat rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

faedba78d76455d390dcc0588860d6016f875d7c844ab7f954894b6843cecf6d.exe

Resource

win10v2004-20220414-en

hiverat rat stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  faedba78d76455d390dcc0588860d6016f875d7c844ab7f954894b6843cecf6d
- Size
  
  236KB
- MD5
  
  2db12e4adb813900423f57caa32435c2
- SHA1
  
  cb2627fcef6e94699aa325cdd7428257cabcb93f
- SHA256
  
  faedba78d76455d390dcc0588860d6016f875d7c844ab7f954894b6843cecf6d
- SHA512
  
  fc7334905db1348c3ba346edca12f51b1e59fcb43c4eef19f1e546e18c201d76cadcf2088f15a33f269b04a4034b48668028735071ec726b576d0cbb25a8d048
Score

10^/10

hiverat rat stealer
- HiveRAT
  HiveRAT is an improved version of FirebirdRAT with various capabilities.
  rat stealer hiverat
- HiveRAT Payload
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hiveratratstealer

behavioral2

hiveratratstealer

© 2018-2024

Terms | Privacy