General

  • Target

    22c74adf03e49db1dfab9216566d4ed9.bin

  • Size

    14KB

  • Sample

    230422-bkpndsbd95

  • MD5

    97d0c10c5c1f722fedabcca04c3bca68

  • SHA1

    d7614208950c9ec4e6117c0f76993ed5247c751c

  • SHA256

    ca6dd87070b78c8ab0988e784be2d13ca09af57ac92411d295ea9d00277fa892

  • SHA512

    40512579eeecb31bd0a6ec3f3ebe05df2a81f7edd07b834b92a8fc423982cb14f012698156c0510a4535d91639fdb284468b0d5138319a296fec7b8c402101f9

  • SSDEEP

    384:gF1S+VlF1UjBuFqDJGySqSkIKQYhy60jJ8G:g1UlXJVSLkUY4bjJ8G

Score
10/10

Malware Config

Extracted

Family

limerat

Attributes
  • aes_key

    4545

  • antivm

    false

  • c2_url

    https://pastebin.com/raw/rTiY1HLu

  • delay

    3

  • download_payload

    false

  • install

    false

  • install_name

    Wservices.exe

  • main_folder

    Temp

  • pin_spread

    false

  • sub_folder

    \

  • usb_spread

    false

Targets

    • Target

      6d28fe68df58ab9121992fdcfba660bac50108c9ea9fd786a8dc3611b4f60289.exe

    • Size

      28KB

    • MD5

      22c74adf03e49db1dfab9216566d4ed9

    • SHA1

      7b0f06fe3512717632b943be8ca3445e915f62d2

    • SHA256

      6d28fe68df58ab9121992fdcfba660bac50108c9ea9fd786a8dc3611b4f60289

    • SHA512

      b9bd0ecb294c192e2b235a51397c3157617d2a59f60bd533ff59a9a33b6e7d3140585e9c725a685f04006d7d122ca301f40cc62301527d34eb99a5bcbc13b55d

    • SSDEEP

      384:7B+Sbj6NKZYvR62u3AHtIEUqDXOe+y14vDKNrCeJE3WNgPe5FtosBAzQro3lcBGQ:lpZYZ62u3wtzOe+2W45NdisBeuj

    Score
    10/10
    • LimeRAT

      Simple yet powerful RAT for Windows machines written in .NET.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks
