Overview

overview

10

Static

static

10

destroyer ...e}.exe

windows10-1703-x64

10

Resubmissions

03-09-2023 10:39

230903-mp6y1shf25 10

02-09-2023 09:45

230902-lrasxsca85 10

02-09-2023 08:49

230902-kq6njabh92 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    destroyer recode_loader {r3name}.exe

  • Size

    1.6MB

  • MD5

    aa4f6f2b2f549314e094b15d3a657b3a

  • SHA1

    0c85ab6e8bb895b9180f4bd90a339abaa35d4b45

  • SHA256

    c666563ce9a07e46470387eb18cbd281b7bb3f6da0a3866a10a7173fa91ecbd5

  • SHA512

    6624915e298a5aba514bcb7ac1bd471ac48e97de4d9d0db3edd41d7cc2d3f490de7f049b6bb0d6c87ce3772b287452b63b7214eddb04abb7edf6eb44853b0df2

  • SSDEEP

    24576:wxlZ8w+NYt1v0J++P2+2G/nvxW3Ww0tyz2/m9e9txfud/nhEl08YSXd:wjZiC4DbA300qm9KsJEVtXd

Score
10/10
ratdcratneshtaprivateloader

Malware Config

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

    rat
  • Dcrat family
    dcrat
  • Detect Neshta payload 1 IoCs
  • Neshta family
    neshta
  • Privateloader family
    privateloader
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • destroyer recode_loader {r3name}.exe
    .exe windows x86


    Headers

    Sections