Overview

overview

10

Static

static

10

the sigma.exe

windows7-x64

10

the sigma.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    the sigma.exe

  • Size

    63KB

  • MD5

    bfa13d47f716c3d4d0a66b26fc3e60d3

  • SHA1

    6fcb96447e669c93d3ae8dc5711443ca12f4418f

  • SHA256

    5088490992a19c7447b7d8a0dfc58e0d04f3587c85ce45fb92c3e88f193d36c5

  • SHA512

    75b07ef7ded10d1b9ccb0899c6be371b1deede89ff2a2aaf5e2477e9c4fb7ce09e418af800ff95accc35de182192c333c6d229d210430e15d7e3779c60ae43c5

  • SSDEEP

    1536:t/i4Wk8amDrRH8+AUbjh9qiYuZCdpqKmY7:Zrbz2AUbjSGz

Score
10/10
ratdefaultasyncrat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:8989

127.0.0.1:36335

menu-installations.gl.at.ply.gg:8989

menu-installations.gl.at.ply.gg:36335
Mutex

vHoqCI弗RاTΘYץoIاk

Attributes
  • delay

    1

  • install

    true

  • install_file

    $77thing.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • the sigma.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections