General

  • Target

    silver VIP.7z

  • Size

    19.1MB

  • Sample

    231202-qchx7sdb85

  • MD5

    e48489a474fe9577493449acaed19e9a

  • SHA1

    72be80497854ab8196f458905d47aa8e29472be0

  • SHA256

    a03552ade756a60ad757df03d72baeb181b156e15c793f35bfd4cee6b30f8f71

  • SHA512

    77107bcb7867f8b43c423686d2d1b235261ddb83ffe2f2d9839261bafce6b65457cbc9f5fa8088f45f052ecc2f0477dbd50260a8a3a759459ea7e3de63aaa4ef

  • SSDEEP

    393216:8+EdGI74H4QmKFSsLLm5DNw5rnA0NS3ybSoTF84Tj86ko:t0YY5KFhu5DNw5rJNS2784Mg

Targets

    • Target

      SilverRAT.exe

    • Size

      19.9MB

    • MD5

      5f7063dedfda5c9d99fed5a824cecaf3

    • SHA1

      78810dae4c4e8f2732d9e368e38544ffea0d8484

    • SHA256

      a9fa8e14080792b67a12f682a336c0ea9ff463bbcb27955644c6fcaf80023641

    • SHA512

      c619d216e4b8db978ffdf3dca10048d582bf0e35fc56b8240b73228363cebb119b19ea14a5a7166f196fc9ea2f11cd1727b8badd077a911e0237d4a3bfa6201a

    • SSDEEP

      393216:w403aYHdHqY3GokR30NHvsYg5uE2KZ4dD4wFdYZUOyJANE0R:wDN1GokR30hsYg5u74wFiZUrJ0

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • AsyncRat

      AsyncRAT is a tool written in C# for remotely monitoring and controlling other computers.

    • AgentTesla payload

    • Async RAT payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
