Overview

overview

10

Static

static

10

TunnelBear...ct.exe

windows10-2004-x64

10

TunnelBear...ar.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TunnelBear-Checker.rar

  • Size

    8.2MB

  • Sample

    221203-vh1gnahf76

  • MD5

    2b64ec950ea745981d6066c8230f448b

  • SHA1

    7b4e6801fe4d87fa835e0ec5bbd31e76dce7a176

  • SHA256

    551c6b570f45b33086e4428ca54dc9d9d199bdf1185fe48378ca155d1e7e9188

  • SHA512

    d4ea20d56e04a0c089e1b75add9923bed65e7c76ccdeaea3f90e89ec04d0e1fb7f6647f89a096c471b7e8a01090e80cc00a77de3cade57083ce366f2dda63899

  • SSDEEP

    98304:MtLagqf+FbVVyX8/u4NZOPBOT6lUPotNFSuTBZ7bHtdWrASQufUafmhf/A7B+pVM:mLw+FbrrE5I+xtNQkBtBdOHfMYBptmY

Score
10/10
limeratrat

Malware Config

Extracted

Family

limerat

Attributes
  • aes_key

    12213

  • antivm

    true

  • c2_url

    https://pastebin.com/raw/kRqKBgJj

  • delay

    3

  • download_payload

    false

  • install

    true

  • install_name

    Windows Defender.exe

  • main_folder

    Temp

  • pin_spread

    false

  • sub_folder

    \

  • usb_spread

    true

Targets

    • Target

      TunnelBear-Checker/bin/TunnelBear-connect.exe

    • Size

      25KB

    • MD5

      07f07820ea9ef64916f0e22ef06bfbff

    • SHA1

      32257a2ff75af479d0e5f7c2f043f795bec058e4

    • SHA256

      a60130cec8f6b0343eec84adf80a06eef791fb316fa803855eb1af520fe51aba

    • SHA512

      25126bcfe0676a2d5208f092b09a7d29f028562eda9257df966caf8d04284f32aa17f83b5762558292aea79238c6cf3e1c4fafd612ccb14d7b8bad5afb87d04f

    • SSDEEP

      384:SB+Sbj6NKQay6RpAHdizvih34EnWb5j4kDhlzCTJEUmNYEYQro3lcGIsjr:IpQN6RpwdiuaE+RHtN8/j

    Score
    10/10
    limeratrat

    • LimeRAT

      Simple yet powerful RAT for Windows machines written in .NET.

      ratlimerat
    behavioral1

    • Target

      TunnelBear-Checker/bin/TunnelBear.exe

    • Size

      29KB

    • MD5

      0d206bae07a50c4abddc37f3b194f1b5

    • SHA1

      d371c9251b2c490d0504e3755a2736e311f30fe8

    • SHA256

      a3dc7f0792a3cc4210dd52d04a406e25fc87545b010b865c6888cb76322e7c27

    • SHA512

      525846eef569ec67b463c8be45cf305644898a2f410f9965f38c0508d6cd5757da47af4d55460718d259c70c39bd001c1ade2b549151e3c24e901d0c83ee76ba

    • SSDEEP

      384:ed8TL3DOTSuWQOTiTAQMJZsEiC1KDojcHd7EMoZuX8VxyDtmAMEHuULZl:zTnZhOMMEIvd7EMMuX8VxyDtmHET

    Score
    1/10
    behavioral2

MITRE ATT&CK Enterprise v6

Tasks