Overview

overview

10

Static

static

7

BouncyCast...to.dll

windows10-2004-x64

1

Compression7zip.dll

windows10-2004-x64

1

FastColore...ox.dll

windows10-2004-x64

1

Gry73.dll

windows10-2004-x64

1

Guna.UI2.dll

windows10-2004-x64

1

LiveCharts.Wpf.dll

windows10-2004-x64

1

LiveCharts.dll

windows10-2004-x64

1

MetroFramework.dll

windows10-2004-x64

1

Obfuscation.dll

windows10-2004-x64

1

QuickLZLibrary.dll

windows10-2004-x64

1

S500RAT.exe

windows10-2004-x64

10

Socks5.dll

windows10-2004-x64

1

SunnyUI.Common.dll

windows10-2004-x64

1

SunnyUI.dll

windows10-2004-x64

1

Svg.dll

windows10-2004-x64

1

Tulpep.Not...ow.dll

windows10-2004-x64

1

Vestris.Re...ib.dll

windows10-2004-x64

1

WinMic.dll

windows10-2004-x64

1

WinSound.dll

windows10-2004-x64

1

cGeoIp.dll

windows10-2004-x64

1

crack.exe

windows10-2004-x64

10

dnlib.dll

windows10-2004-x64

1

initialization.dll

windows10-2004-x64

1

lz4.AnyCPU.loader.dll

windows10-2004-x64

1

protobuf-net.dll

windows10-2004-x64

1

zxing.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    S500 RAT.rar

  • Size

    9.4MB

  • MD5

    88837b75720607f1c44ddff03510be64

  • SHA1

    d81336fd41336924b30ed56877e18ff119f2af89

  • SHA256

    1c757f9a1207133426cb3e337a7b32c28713bb764d8fd66a14995867f792ec85

  • SHA512

    d985dd203bf2846c283682be813d22cc7dc89e21fa52ff0de68adccfb202611753baa3a4303bec721d469be7759cc1f11def61d5f49a7582c14a5d4cf765db56

  • SSDEEP

    196608:Ckz5AKib1SAUmQK29VJ5z7Az8xJ7qxhMdcn4MUkhtiuOBp7KgzmECy4q7:7xg1xQK2NFkzA6MdA4MFMBp7nzme7

Score
7/10
agilenet

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Unsigned PE 25 IoCs

    Checks for missing Authenticode signature.

Files

  • S500 RAT.rar
    .rar
  • BouncyCastle.Crypto.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Chrome.ico
  • Compression7zip.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • FastColoredTextBox.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Gry73.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Guna.UI2.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • LiveCharts.Wpf.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • LiveCharts.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • MetroFramework.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • New Project 1.peu
  • Obfuscation.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • QuickLZLibrary.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • S500RAT.exe
    .exe windows x86


    Headers

    Sections

  • S500RAT.ico
  • Socks5.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • SunnyUI.Common.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • SunnyUI.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Svg.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Tulpep.NotificationWindow.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Vestris.ResourceLib.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • WinMic.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • WinSound.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • cGeoIp.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • crack.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • dnlib.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • initialization.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • lz4.AnyCPU.loader.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • protobuf-net.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • settings.xml
  • zxing.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections