General

  • Target

    e093e99088a1e13e12e64150778ce72c

  • Size

    28KB

  • MD5

    e093e99088a1e13e12e64150778ce72c

  • SHA1

    bd109b4eea2b8804cfc7b1351ad79a6d1f044dd9

  • SHA256

    c1bfda3a4ac6fd27e2947c4ad863ba554cb25dff909fe26ce739a50c2752a0a3

  • SHA512

    16a5f5dfaad54883aad6e128650afbac47e58e55de6a0627c456c00b648db16fc9e2e8bfb525c81e7e5ac0c737e3df2fba5ea174ecb433b3bd2c24cb969fd8bb

  • SSDEEP

    384:jECWna6X7ehaDgcmfKHDMzCJojHYvnjvD6Nr/uJEnjJUDxrlr3ZLPikbMgntPTr3:ueEcWHDmMlDQNdUdB3zbVt8Jijykb

Score
10/10

Malware Config

Extracted

Family

limerat

Wallets

1KR7iRAoTeUdZ4KiiASRcdcbpMv2yi5wJ7

Attributes
  • aes_key

    janonn

  • antivm

    false

  • c2_url

    https://pastebin.com/raw/2hFCdHWq

  • delay

    3

  • download_payload

    false

  • install

    true

  • install_name

    WindowsUpdate.exe

  • main_folder

    UserProfile

  • pin_spread

    false

  • sub_folder

    \WindowsUpdate\

  • usb_spread

    false

Signatures

  • Limerat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e093e99088a1e13e12e64150778ce72c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

