General

  • Target

    Window.exe

  • Size

    28KB

  • Sample

    221228-2z5ahabh46

  • MD5

    88dbe003620c32ac5bf9ac5cec42d169

  • SHA1

    26c7cb32d78077c7112b140a293a7076c66690f1

  • SHA256

    8fc718a75777a80722b50ad6fef3306078e900bbc872bb664a197884721294f0

  • SHA512

    073e2e955057b1959a15483ab99cd89e1751e89b6989c6aca71d666b45a6d0badb379bdb2a72d2159be0117cd1cfff6d567d5816d1d853ddf6f1bb586ad7f588

  • SSDEEP

    384:bB+Sbj6NKsyRu6F1AH9o1yqDfIKKy5dYzvDKNrCeJE3WNgAnD8bJvEAEcQro3lcM:FpFU6F1w9YIKzYz45Nvspxxj

Score
10/10

Malware Config

Extracted

Family

limerat

Attributes
  • aes_key

    LeaveMe

  • antivm

    false

  • c2_url

    http://pastebin.pl/view/raw/0755aad0

  • delay

    3

  • download_payload

    false

  • install

    false

  • install_name

    MicrosoftUpdater.tft.exe

  • main_folder

    UserProfile

  • pin_spread

    false

  • sub_folder

    \.Temp\

  • usb_spread

    false

Targets

    • Target

      Window.exe

    • Size

      28KB

    Score
    10/10
    • LimeRAT

      Simple yet powerful RAT for Windows machines written in .NET.
