arrowrat | 17227efc8b92a1b5417f5e6e060967bb7979694defd810a74d42546f368a9dcb | Triage

Sharing

General

Target

1332-139-0x0000000000400000-0x000000000042C000-memory.dmp
Size

176KB
Sample

220819-vzbvmaahh9
MD5

8aa6c2cda7458ff559735b95e58a56c6
SHA1

71fd5f0a58b35f0c827e2371c1ddc561ef7e1262
SHA256

17227efc8b92a1b5417f5e6e060967bb7979694defd810a74d42546f368a9dcb
SHA512

d2eaef739a3df1760d9b996fc4cd005515d45cc18ccc0ab41437bce995751ed8222d25eaa81fcf4e5baa436d8dee85507b49de6bd71a95013070f5513c1bee47
SSDEEP

1536:tpNOW0GqMSK3bUzZdQ1iIMvnZlbLxjV3AGq5gWlocT1wzySsd9NJ3Pc+:tpNOWnqMSKsstcnZTJQDgWPaySsdH59

Score

10^/10

arrowrat fsocity

Malware Config

Extracted

Family

arrowrat

Botnet

Fsocity

C2

104.41.172.235:9091

Mutex

YzpcKpvwT.exe

Targets

- Target
  
  1332-139-0x0000000000400000-0x000000000042C000-memory.dmp
- Size
  
  176KB
- MD5
  
  8aa6c2cda7458ff559735b95e58a56c6
- SHA1
  
  71fd5f0a58b35f0c827e2371c1ddc561ef7e1262
- SHA256
  
  17227efc8b92a1b5417f5e6e060967bb7979694defd810a74d42546f368a9dcb
- SHA512
  
  d2eaef739a3df1760d9b996fc4cd005515d45cc18ccc0ab41437bce995751ed8222d25eaa81fcf4e5baa436d8dee85507b49de6bd71a95013070f5513c1bee47
- SSDEEP
  
  1536:tpNOW0GqMSK3bUzZdQ1iIMvnZlbLxjV3AGq5gWlocT1wzySsd9NJ3Pc+:tpNOWnqMSKsstcnZTJQDgWPaySsdH59
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

fsocityarrowrat

behavioral1

behavioral2