arrowrat | cc76904d05570a4e0d1447856abba4a2f71d9867790691947c62eb9fcbff78aa | Triage

Sharing

General

Target

1684-191-0x0000000000400000-0x000000000042C000-memory.dmp
Size

176KB
Sample

230518-2fcq5sea68
MD5

080b3a1a23e9437b8d76bd2a3fc46c8d
SHA1

6839925acbcd5ed1ad56daa4bad7a6057cc27f33
SHA256

cc76904d05570a4e0d1447856abba4a2f71d9867790691947c62eb9fcbff78aa
SHA512

410d7641e6357ccb9bdd9adfb39a400926f0e1006bafdd37f2b350a7edc3e4be8fe6665b09da26a3ba52466ded4fc3eeb9720c51c2a951f1f2db3b6b9297843c
SSDEEP

3072:+bRi+0O5VbFHexuiCrK0ovzNC0Fie+5cVjvn+sZCh8/Qb0b68Y:+bRn0OLoxuiCNovpke+cvnOaQx8

Score

10^/10

arrowrat client

Malware Config

Extracted

Family

arrowrat

Botnet

Client

C2

185.252.178.121:1337

Mutex

qCDAaGyIF

Targets

- Target
  
  1684-191-0x0000000000400000-0x000000000042C000-memory.dmp
- Size
  
  176KB
- MD5
  
  080b3a1a23e9437b8d76bd2a3fc46c8d
- SHA1
  
  6839925acbcd5ed1ad56daa4bad7a6057cc27f33
- SHA256
  
  cc76904d05570a4e0d1447856abba4a2f71d9867790691947c62eb9fcbff78aa
- SHA512
  
  410d7641e6357ccb9bdd9adfb39a400926f0e1006bafdd37f2b350a7edc3e4be8fe6665b09da26a3ba52466ded4fc3eeb9720c51c2a951f1f2db3b6b9297843c
- SSDEEP
  
  3072:+bRi+0O5VbFHexuiCrK0ovzNC0Fie+5cVjvn+sZCh8/Qb0b68Y:+bRn0OLoxuiCNovpke+cvnOaQx8
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2