General
-
Target
199ecae9fa74c42c5dc46548596bc8bb.exe
-
Size
99KB
-
Sample
230316-y7txyscg34
-
MD5
199ecae9fa74c42c5dc46548596bc8bb
-
SHA1
a62a99b8ade6b1ce411aaa7a8d3b7c34ce6e285a
-
SHA256
2cbf63527a0c56cf1cd265f78c2886af195b7635c8ff02c0bb02fc20f2cc1c8d
-
SHA512
3d522d67e624be389c0b8be227c853a7127075fa2b2e38d2457c9d4a6a287122fa9eb466497f3ef6d3bd5f7430654d7b4e4abe4bbcc244e587027f3645d1b924
-
SSDEEP
1536:OF4WWMJ7J+GMrFmCxuNCTwChaKExEbbaaYoOgGK:84W/Wbth5bbTmgGK
Malware Config
Targets
-
-
Target
199ecae9fa74c42c5dc46548596bc8bb.exe
-
Size
99KB
-
MD5
199ecae9fa74c42c5dc46548596bc8bb
-
SHA1
a62a99b8ade6b1ce411aaa7a8d3b7c34ce6e285a
-
SHA256
2cbf63527a0c56cf1cd265f78c2886af195b7635c8ff02c0bb02fc20f2cc1c8d
-
SHA512
3d522d67e624be389c0b8be227c853a7127075fa2b2e38d2457c9d4a6a287122fa9eb466497f3ef6d3bd5f7430654d7b4e4abe4bbcc244e587027f3645d1b924
-
SSDEEP
1536:OF4WWMJ7J+GMrFmCxuNCTwChaKExEbbaaYoOgGK:84W/Wbth5bbTmgGK
Score10/10-
LimeRAT
Simple yet powerful RAT for Windows machines written in .NET.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-