Overview

overview

1

Static

static

1

CleanUp.bat

windows7-x64

1

CleanUp.bat

windows10-2004-x64

1

rBot.html

windows7-x64

1

rBot.html

windows10-2004-x64

1

src/misc.vbs

windows7-x64

1

src/misc.vbs

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    drx_realcast_woopie.rar

  • Size

    245KB

  • MD5

    9f888ff2dff506e1275857865f8273ba

  • SHA1

    5c09da0236fe0347d03a6b1c9aecb9d4f651732a

  • SHA256

    5066e4b3c33a96377268a3bf9b18547d5284d60bdeae20fd5c5b7a29a9a021fb

  • SHA512

    69ff66c154455cd89054f33a34a5e455f132626967ce448c16fb9f36109f9d7643ee0a33a20476aa04f62d8ecd328cdec52683016edfb6ae12310cf673ac273f

  • SSDEEP

    6144:bgsA2YMyVe7TKaBZXhxP6q37jeYIZ4sMM+KOQ/w4QDJs5MDVcUs:bUMGATlZXhxCXYockV/gJzVI

Score
1/10

Malware Config

Signatures

Files

  • drx_realcast_woopie.rar
    .rar

    Password: infected

  • CleanUp.bat
  • docs/Changes.txt
  • includes/advscan.h
  • includes/aliaslog.h
  • includes/autostart.h
  • includes/configs.h
  • includes/crc32.h
  • includes/crypt.h
  • includes/dcc.h
  • includes/dcom.h
  • includes/ddos.h
  • includes/defines.h
  • includes/download.h
  • includes/driveinfo.h
  • includes/ehandler.h
  • includes/externs.h
  • includes/findfile.h
  • includes/fphost.h
  • includes/ftpd.h
  • includes/functions.h
  • includes/globals.h
  • includes/httpd.h
  • includes/icmpflood.h
  • includes/ident.h
  • includes/includes.h
  • includes/irc_send.h
  • includes/keylogger.h
  • includes/loaddlls.h
  • includes/lsass.h
  • includes/lsass2.h
  • includes/misc.h
  • includes/mssql.h
  • includes/mssqllsass.h
  • includes/ndcass.h
  • includes/net.cpp
  • includes/net.h
  • includes/netbios.h
  • includes/netutils.h
  • includes/nicklist.h
  • includes/passwd.h
  • includes/pingudp.h
  • includes/processes.h
  • includes/rBot.h
  • includes/realcast.h
  • includes/redirect.h
  • includes/remotecmd.h
  • includes/rndnick.h
  • includes/scan.h
  • includes/secure.h
  • includes/shellcode.h
  • includes/skysyn.h
  • includes/socks4.h
  • includes/synflood.h
  • includes/sysinfo.h
  • includes/tcpflood.h
  • includes/tcpip.h
  • includes/tftpd.h
  • includes/thcsql.h
  • includes/threads.h
  • includes/visit.h
  • includes/wildcard.h
  • includes/wins.h
  • includes/winsql.h
  • includes/wkssvc.h
  • myshellcode.asm
  • rBot.dsp
  • rBot.dsw
  • rBot.ncb
  • rBot.opt
  • rBot.plg
    .html
  • reqbuf.bin
  • src/advscan.cpp
  • src/aliaslog.cpp
  • src/autostart.cpp
  • src/crc32.cpp
  • src/crypt.cpp
  • src/dcom.cpp
  • src/ddos.cpp
  • src/download.cpp
  • src/driveinfo.cpp
  • src/ehandler.cpp
  • src/findfile.cpp
  • src/fphost.cpp
  • src/ftpd.cpp
  • src/httpd.cpp
  • src/icmpflood.cpp
  • src/ident.cpp
  • src/irc_send.cpp
  • src/keylogger.cpp
  • src/loaddlls.cpp
  • src/lsass.cpp
  • src/lsass2.cpp
  • src/misc.cpp
    .vbs
  • src/mssql.cpp
  • src/mssqllsass.cpp
  • src/ndcass.cpp
  • src/netbios.cpp
  • src/netutils.cpp
  • src/pingudp.cpp
  • src/processes.cpp
  • src/rBot.cpp
  • src/realcast.cpp
  • src/redirect.cpp
  • src/remotecmd.cpp
  • src/rndnick.cpp
  • src/scan.cpp
  • src/secure.cpp
  • src/shellcode.cpp
  • src/skysyn.cpp
  • src/socks4.cpp
  • src/synflood.cpp
  • src/sysinfo.cpp
  • src/tcpflood.cpp
  • src/tftpd.cpp
  • src/thcsql.cpp
  • src/threads.cpp
  • src/visit.cpp
  • src/wildcard.cpp
  • src/wins.cpp
  • src/winsql.cpp
  • src/wkssvc.cpp