General

  • Target

    Client.exe

  • Size

    158KB

  • MD5

    530f0cd9dd681beb9e1f941b4f065592

  • SHA1

    657a70a6fe8b704b3cb0bdf3a7bcc440d0bcb189

  • SHA256

    ec10e8325b6c955e29f74034691df96dc789407043b3b6a9e4117190d7e3372c

  • SHA512

    deeb66e0d8751f282f3a73494636d5ba8ccb8682c05ce441a33fa043859e74a5af4c7b3912e1ea53cebdf75b4206e68512a76c3436d502eaaa53f8cfdd4b472c

  • SSDEEP

    3072:gbzbDH+0OoCthfbEFtbcfjF45gjryKKqH6JY2doszEmQotEPPcfPSSO8Y:gbzbDe0ODhTEPgnjuIJzo+PPcfPSN8

Score
10/10

Malware Config

Extracted

Family

arrowrat

Botnet

Client

C2

192.168.56.1:1337

Mutex

ZTDIAGFVu

Signatures

  • Arrowrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Client.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

