Overview

overview

10

Static

static

10

Omega.exe

windows10-1703-x64

10

Resubmissions

05/05/2024, 08:51

240505-kr7l8aga93 10

05/05/2024, 08:47

240505-kp3kgscg4z 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Omega.exe

  • Size

    63KB

  • MD5

    1ba5604473dc21f5b38434ce6cd9f55d

  • SHA1

    4b36dcbb9a3e740fc69aec13e6517f255d8283a7

  • SHA256

    d1ecd597d69cca7893caa721619cc034eaccd57ca7a83cd290fb0caae0a6b0dd

  • SHA512

    0b4758ec4930a0a0513a985986dd1681ac2f597e955c06054be6a907f3806825eacde1b3b829b82e3ef75898929fac5a46ecc2fb554d88a34bb46337b836bd0e

  • SSDEEP

    1536:2D0MWSvPOobNio4AnkJVwW5wAIKZVclN:60MWSv2obNk0owTszY

Score
10/10
ratdefaultasyncrat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

127.0.0.1:8848

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_file

    NovaX.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Omega.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections