Overview

overview

7

Static

static

7

S_-_500_RA...us.rar

windows10-1703-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    S_-_500_RAT_G3_2022_Anonymous.rar

  • Size

    30.6MB

  • Sample

    230409-n95r5acf9y

  • MD5

    20a1303c72dc7dd859982e9bf45c70c0

  • SHA1

    d1c3a802e0fba35c1aeed1c8720aaf4323a66294

  • SHA256

    2199752fcd7d8761556b8da40c3509c9fdaa4627e031f0fa32f3d6c103789a3e

  • SHA512

    c69d718ad5f406697f42a080f92c90d9846e160631c0d90beb290536017e3d21600181d6cf4ea367a09b56aa67d8bfbbccd5bc20d9da29ad242d51a49b28fecc

  • SSDEEP

    393216:JPRH+eRBy7LmiHueI8BdRxvRZopLo4sOxKlpPL4XBnQUbOK+VLAG8RMq9bnAMRkv:HJRqLUAjRxvQsOxKXP8xnSl8RTRZp2

Score
7/10
agilenet

Malware Config

Targets

    • Target

      S_-_500_RAT_G3_2022_Anonymous.rar

    • Size

      30.6MB

    • MD5

      20a1303c72dc7dd859982e9bf45c70c0

    • SHA1

      d1c3a802e0fba35c1aeed1c8720aaf4323a66294

    • SHA256

      2199752fcd7d8761556b8da40c3509c9fdaa4627e031f0fa32f3d6c103789a3e

    • SHA512

      c69d718ad5f406697f42a080f92c90d9846e160631c0d90beb290536017e3d21600181d6cf4ea367a09b56aa67d8bfbbccd5bc20d9da29ad242d51a49b28fecc

    • SSDEEP

      393216:JPRH+eRBy7LmiHueI8BdRxvRZopLo4sOxKlpPL4XBnQUbOK+VLAG8RMq9bnAMRkv:HJRqLUAjRxvQsOxKXP8xnSl8RTRZp2

    Score
    7/10
    agilenet

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks