888rat | f3312ae135274af9cb757246376d2309f6feedf27476099d7b987b78bd61bca7 | Triage

Submit
Reports

Overview

overview

Static

static

be240429f6...c0.dll

windows7-x64

3

be240429f6...c0.dll

windows10-2004-x64

1

Resubmissions

30-04-2024 21:32

240430-1dsh5sgb5w 10

26-12-2023 17:34

231226-v5wrzsabgn 10

13-12-2023 16:11

231213-tmycesfacp 10

Sharing

General

Target

13478994921.zip
Size

44.4MB
Sample

240430-1dsh5sgb5w
MD5

44d3f87708aba8171f36a82a9093de63
SHA1

e6649e277bd431283237a69358e2d8224f08901f
SHA256

f3312ae135274af9cb757246376d2309f6feedf27476099d7b987b78bd61bca7
SHA512

929e839104a46651958fd0c9c88a6de6545200c27cdc4ed61276e8b2ae561fb8d28d830916cae03c8285b1e09c4245fe94c36c70dbfdefd946a57ddc1f353bf1
SSDEEP

786432:dqQIaM8wVO5gcEk9GzTTps9KLP0HIzyB1tsxkYYSM0HoqegVFKKaxTIC:dBIEfT9GTpMKL8HFBYYSMsSx

Score

10^/10

888rat ardamax evilnum growtopia guloader icedid legionlocker loaderbot m00nd3v_logger masslogger matiex metasploit nanocore netwire snakekeylogger teardrop xmrig agilenet backdoor dropper guloader infostealer link loader miner pdf ransomware rat rezer0

Static task

static1

agilenet guloader loader infostealer rat miner rezer0 ransomware pdf link dropper backdoor 888rat guloader icedid loaderbot m00nd3v_logger matiex netwire snakekeylogger xmrig ardamax evilnum legionlocker masslogger teardrop growtopia metasploit nanocore

37 signatures

Behavioral task

behavioral1

Sample

be240429f6a9f67df22429d9fac5c22c887a65dae26f0af0b705ada8b61060c0.dll

Resource

win7-20240419-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

be240429f6a9f67df22429d9fac5c22c887a65dae26f0af0b705ada8b61060c0.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Extracted

Family

metasploit

Version

windows/reverse_nonx_tcp

C2

10.10.1.21:4444

Targets

- Target
  
  be240429f6a9f67df22429d9fac5c22c887a65dae26f0af0b705ada8b61060c0
- Size
  
  154.8MB
- MD5
  
  9dae649039736ebce04c0a381f64e0fe
- SHA1
  
  f50767804a693308e5e907bc22fa4c13e7ffb9cf
- SHA256
  
  be240429f6a9f67df22429d9fac5c22c887a65dae26f0af0b705ada8b61060c0
- SHA512
  
  d1e213b944a1cd9524f09ee4f723fba82eb6f2d8f74e49f6a0ca37603d82ad0eb398df283ee881b8c4d28c541b2ecda665aea715f36022804c4422bf7ad75e33
- SSDEEP
  
  786432:+xht4Uz95Mqkwog0cm9K7W1WrPVEZOgFQww9M2CCSY9H0suLsqZZ:MOQogrm473rPVE0Pdq2CCNDYbZZ
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

agilenetguloaderloaderinfostealerratminerrezer0ransomwarepdflinkdropperbackdoor888ratguloadericedidloaderbotm00nd3v_loggermatiexnetwiresnakekeyloggerxmrigardamaxevilnumlegionlockermassloggerteardropgrowtopiametasploitnanocore

behavioral1

behavioral2

© 2018-2024

Terms | Privacy