General

  • Target

    Client.exe

  • Size

    158KB

  • MD5

    d0a55dda2e691dbb7eedcd02cc7eaffa

  • SHA1

    37433d28c8f89e0f3b63e145d592e86e9da9b22f

  • SHA256

    0a53456ad2ce6a20c459e38a8fb0be2751c7543a0d8a47f52bb48a8b6d24d335

  • SHA512

    de5975c1c76799649b917b5e43c681ea2aff06813f43d363d4dc2ec8c99d33ba17026cb07a26931e6f637e26add9090be0eccc95f753f625461c75fe2b07327a

  • SSDEEP

    3072:wbzmH+0OoCthfbEFtbcfjF45gjryKKqH6JY2doszEmQotEPPcfPzdO8Y:wbzme0ODhTEPgnjuIJzo+PPcfPzQ8

Score
10/10

Malware Config

Extracted

Family

arrowrat

Botnet

Client

C2

26.137.109.175:1337

Mutex

pqjvqGUKv

Signatures

  • Arrowrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Client.exe
    .exe windows:4 windows x86 arch:x86

    Password: asd

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections