General
-
Target
1244-58-0x0000000000400000-0x000000000040C000-memory.dmp
-
Size
48KB
-
Sample
220608-wfg3zaece3
-
MD5
ed59df8b328f9a46bc00f704954688e9
-
SHA1
d8512991bac00913dc3087a3762dd5df5d478c22
-
SHA256
a5a95da2cc6c1c045b9162c62e79f215f5dc718026f4490059840e126f957879
-
SHA512
d3a43a4e0f64188c529980e727a8ce0bac28aaa0c7ca66d0f9c8af26b5635f60deb220379e67aa1c293ada17327a7fd14f4a29c0c7f3a7f2a65eae8ea70f6db4
Static task
static1
Behavioral task
behavioral1
Sample
1244-58-0x0000000000400000-0x000000000040C000-memory.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1244-58-0x0000000000400000-0x000000000040C000-memory.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
limerat
-
aes_key
Admin
-
antivm
false
-
c2_url
https://pastebin.com/raw/FkvEmWML
-
delay
3
-
download_payload
false
-
install
true
-
install_name
svhost.exe
-
main_folder
UserProfile
-
pin_spread
false
-
sub_folder
\
-
usb_spread
true
Targets
-
-
Target
1244-58-0x0000000000400000-0x000000000040C000-memory.dmp
-
Size
48KB
-
MD5
ed59df8b328f9a46bc00f704954688e9
-
SHA1
d8512991bac00913dc3087a3762dd5df5d478c22
-
SHA256
a5a95da2cc6c1c045b9162c62e79f215f5dc718026f4490059840e126f957879
-
SHA512
d3a43a4e0f64188c529980e727a8ce0bac28aaa0c7ca66d0f9c8af26b5635f60deb220379e67aa1c293ada17327a7fd14f4a29c0c7f3a7f2a65eae8ea70f6db4
Score
3/10