Overview

overview

10

Static

static

3

Trillium_S...se.zip

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Trillium_Security_MultiSploit_Tool_v6.5.21_Release.zip

  • Size

    28.5MB

  • Sample

    230924-m5h7wsfb97

  • MD5

    3a850f102c88ce2ad36ab25aa763607d

  • SHA1

    5c837a88ce8619990d136467c628d22db7ff226a

  • SHA256

    657f7eb78797e7b04557c0be8bfc7446e6cc18c60841245130401d7e55b2e1e6

  • SHA512

    8fc0d654995860489e07379b5c1ca55d4fecc35d929f458f48a2ef0e56673dbf546aa2b7b36d26547d9223a98c83ef14333d463fb427a7c79253e65e3d95421b

  • SSDEEP

    786432:8vfyZ/+o/1NIk2NhtGHisWmRcPVbHlxvplXiOo:8vkZ1NIkShoHisfabFRph2

Score
10/10
limeratrat

Malware Config

Targets

    • Target

      Trillium_Security_MultiSploit_Tool_v6.5.21_Release.zip

    • Size

      28.5MB

    • MD5

      3a850f102c88ce2ad36ab25aa763607d

    • SHA1

      5c837a88ce8619990d136467c628d22db7ff226a

    • SHA256

      657f7eb78797e7b04557c0be8bfc7446e6cc18c60841245130401d7e55b2e1e6

    • SHA512

      8fc0d654995860489e07379b5c1ca55d4fecc35d929f458f48a2ef0e56673dbf546aa2b7b36d26547d9223a98c83ef14333d463fb427a7c79253e65e3d95421b

    • SSDEEP

      786432:8vfyZ/+o/1NIk2NhtGHisWmRcPVbHlxvplXiOo:8vkZ1NIkShoHisfabFRph2

    Score
    10/10
    limeratrat

    • LimeRAT

      Simple yet powerful RAT for Windows machines written in .NET.

      ratlimerat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks