arrowrat | 4e4dcd976d91fa65cc102b3a9a067852c0bfe2c080d46917d311ff46187cfa28 | Triage

Sharing

General

Target

2324-140-0x0000000000400000-0x000000000042C000-memory.dmp
Size

176KB
Sample

221127-w72xfsdf2y
MD5

be9bb3085ed5cd7c5e3212addfafabde
SHA1

bb0080502f256430ad450b45a25c1effdb60b953
SHA256

4e4dcd976d91fa65cc102b3a9a067852c0bfe2c080d46917d311ff46187cfa28
SHA512

dbf724492c5eecd4b3ef79039ff6cf0f11fa282904d489ef7ed51cddeceb9bf9320f59a19fb76c689d0d175127236f040e70b38c0815d6adb6396b5d7d685386
SSDEEP

3072:ebRH+0O5VbFHexuiCrK0ovzNC0Fie+5cVjvn+sZCh8/QbM768Y:ebRe0OLoxuiCNovpke+cvnOaQJ8

Score

10^/10

arrowrat client

Malware Config

Extracted

Family

arrowrat

Botnet

Client

C2

65.108.204.97:1337

Mutex

PreIzXewwN

Targets

- Target
  
  2324-140-0x0000000000400000-0x000000000042C000-memory.dmp
- Size
  
  176KB
- MD5
  
  be9bb3085ed5cd7c5e3212addfafabde
- SHA1
  
  bb0080502f256430ad450b45a25c1effdb60b953
- SHA256
  
  4e4dcd976d91fa65cc102b3a9a067852c0bfe2c080d46917d311ff46187cfa28
- SHA512
  
  dbf724492c5eecd4b3ef79039ff6cf0f11fa282904d489ef7ed51cddeceb9bf9320f59a19fb76c689d0d175127236f040e70b38c0815d6adb6396b5d7d685386
- SSDEEP
  
  3072:ebRH+0O5VbFHexuiCrK0ovzNC0Fie+5cVjvn+sZCh8/QbM768Y:ebRe0OLoxuiCNovpke+cvnOaQJ8
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2