Overview
overview
9Static
static
7hacked cli...et.exe
windows10-1703-x64
7hacked cli...mi.exe
windows10-1703-x64
1hacked cli...te.exe
windows10-1703-x64
1hacked cli...v2.exe
windows10-1703-x64
7hacked cli...sy.exe
windows10-1703-x64
6hacked cli...ic.exe
windows10-1703-x64
1hacked cli...ea.exe
windows10-1703-x64
1hacked cli...id.exe
windows10-1703-x64
1hacked cli...on.exe
windows10-1703-x64
9hacked cli...ra.exe
windows10-1703-x64
9hacked cli...ga.exe
windows10-1703-x64
1hacked cli...in.exe
windows10-1703-x64
1Analysis
-
max time kernel
15s -
max time network
19s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
01-05-2024 00:51
Behavioral task
behavioral1
Sample
hacked client (rats) LMAO/Hermotet.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
hacked client (rats) LMAO/Itami.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
hacked client (rats) LMAO/Lithium-Lite.exe
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
hacked client (rats) LMAO/axentav2.exe
Resource
win10-20240404-en
Behavioral task
behavioral5
Sample
hacked client (rats) LMAO/ectasy.exe
Resource
win10-20240404-en
Behavioral task
behavioral6
Sample
hacked client (rats) LMAO/epic.exe
Resource
win10-20240404-en
Behavioral task
behavioral7
Sample
hacked client (rats) LMAO/icetea.exe
Resource
win10-20240404-en
Behavioral task
behavioral8
Sample
hacked client (rats) LMAO/koid.exe
Resource
win10-20240404-en
Behavioral task
behavioral9
Sample
hacked client (rats) LMAO/krypton.exe
Resource
win10-20240404-en
Behavioral task
behavioral10
Sample
hacked client (rats) LMAO/kura.exe
Resource
win10-20240404-en
Behavioral task
behavioral11
Sample
hacked client (rats) LMAO/vega.exe
Resource
win10-20240404-en
Behavioral task
behavioral12
Sample
hacked client (rats) LMAO/zoomin.exe
Resource
win10-20240404-en
General
-
Target
hacked client (rats) LMAO/zoomin.exe
-
Size
383KB
-
MD5
bc3cd5942f707ce50cc5e1e141d2313e
-
SHA1
6ecc49dd6ea7b641a641f5f9a260483a21fd6350
-
SHA256
9bcdb52a2a3f1ebad2b546042f660f39f1eb4cc4487dfbf50282e9a3b8492eef
-
SHA512
c2c46e83b85f8b131cc27829891ed77b1dd0294e4c6d1cd14b1853c8aa958e140a64e357ae1a43a737272afbfa9dae576ebc678429c2d8e1a16557b579c6e8fc
-
SSDEEP
6144:knRL7qME7uPOB+qUxO+Nsh98jO/6X+ZVrG5ddGatYmnerGVFJEEt:qnJavMqUxOfVrGVemnhPE
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
zoomin.exepid process 4296 zoomin.exe