General
-
Target
22c74adf03e49db1dfab9216566d4ed9.bin
-
Size
14KB
-
Sample
230422-bkpndsbd95
-
MD5
97d0c10c5c1f722fedabcca04c3bca68
-
SHA1
d7614208950c9ec4e6117c0f76993ed5247c751c
-
SHA256
ca6dd87070b78c8ab0988e784be2d13ca09af57ac92411d295ea9d00277fa892
-
SHA512
40512579eeecb31bd0a6ec3f3ebe05df2a81f7edd07b834b92a8fc423982cb14f012698156c0510a4535d91639fdb284468b0d5138319a296fec7b8c402101f9
-
SSDEEP
384:gF1S+VlF1UjBuFqDJGySqSkIKQYhy60jJ8G:g1UlXJVSLkUY4bjJ8G
Behavioral task
behavioral1
Sample
6d28fe68df58ab9121992fdcfba660bac50108c9ea9fd786a8dc3611b4f60289.exe
Resource
win7-20230220-en
Malware Config
Extracted
limerat
-
aes_key
4545
-
antivm
false
-
c2_url
https://pastebin.com/raw/rTiY1HLu
-
delay
3
-
download_payload
false
-
install
false
-
install_name
Wservices.exe
-
main_folder
Temp
-
pin_spread
false
-
sub_folder
\
-
usb_spread
false
Targets
-
-
Target
6d28fe68df58ab9121992fdcfba660bac50108c9ea9fd786a8dc3611b4f60289.exe
-
Size
28KB
-
MD5
22c74adf03e49db1dfab9216566d4ed9
-
SHA1
7b0f06fe3512717632b943be8ca3445e915f62d2
-
SHA256
6d28fe68df58ab9121992fdcfba660bac50108c9ea9fd786a8dc3611b4f60289
-
SHA512
b9bd0ecb294c192e2b235a51397c3157617d2a59f60bd533ff59a9a33b6e7d3140585e9c725a685f04006d7d122ca301f40cc62301527d34eb99a5bcbc13b55d
-
SSDEEP
384:7B+Sbj6NKZYvR62u3AHtIEUqDXOe+y14vDKNrCeJE3WNgPe5FtosBAzQro3lcBGQ:lpZYZ62u3wtzOe+2W45NdisBeuj
-
Legitimate hosting services abused for malware hosting/C2
-