limerat | 228d45f589db33d9f9afb5fe00f1c0dca51227c1b255d34fe3b9068ce82a47d4[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

228d45f589...d4.exe

windows7-x64

228d45f589...d4.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

228d45f589db33d9f9afb5fe00f1c0dca51227c1b255d34fe3b9068ce82a47d4.exe

Resource

win7-20220901-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

228d45f589db33d9f9afb5fe00f1c0dca51227c1b255d34fe3b9068ce82a47d4.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

228d45f589db33d9f9afb5fe00f1c0dca51227c1b255d34fe3b9068ce82a47d4.exe
Size

29KB
MD5

4867caf94a1222a561e9b443a4e01ee6
SHA1

7903ad13a5ba397ff5d79191a089804b003699ff
SHA256

228d45f589db33d9f9afb5fe00f1c0dca51227c1b255d34fe3b9068ce82a47d4
SHA512

7016835d4044a7ce2e7b4019ed185a1f47b3c1e43ca48cc821c7d9e0c9b1cee8a8f80125eb6246e16310348297a864d31e2dcefbdfae944d4976a03f3d5f910c
SSDEEP

768:IqptXM6N2wHiBN0HY45NPhRXKV1TdPKEj:IqpF2wH4IlnmgE

Score

10^/10

limerat

Malware Config

Extracted

Family

limerat

Wallets

31u93LeqAjhmu48kA6JYNVSyGshBNvnqNS

Attributes

aes_key
%D*G-KaN
antivm
false
c2_url
https://pastebin.com/raw/3YAbmSCc
delay
6
download_payload
false
install
true
install_name
AudioDriver.exe
main_folder
UserProfile
pin_spread
true
sub_folder
\Windows\
usb_spread
true

Signatures

Limerat family
limerat

Files

228d45f589db33d9f9afb5fe00f1c0dca51227c1b255d34fe3b9068ce82a47d4.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy