General
-
Target
RatClient.exe
-
Size
76.7MB
-
Sample
240524-ycdmgsha66
-
MD5
2f5b9df0e99a9e794b1b9636bfcebaf6
-
SHA1
d3fbe7a189fd68a91d53dc5fa2d7ddaea1f8b3e1
-
SHA256
e8a023196703876cf6c7dd4935801f65b80ae31cbbc2e88f6fc3827aa897ace7
-
SHA512
9df29e952ee74260d2147d49690cc4015737e593bf8bc5a953a0e01ba18a737aa46cefaa9cfc41cd622b11eaba2c0d662ef5c34ed16fd6d981037411d2817fbe
-
SSDEEP
1572864:fQLwaXnFP/V4f6Gj53ikjt4jRq2GqFOPV5GiIG2qHWB75iVZGzcW7vqaCXA:ftGt/VG6RmtCRlGPrcG2qHO5iVZecyVP
Behavioral task
behavioral1
Sample
RatClient.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
RatClient.pyc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
RatClient.exe
Score
7/10
-
Drops startup file
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Target
RatClient.pyc
-
Size
112KB
-
MD5
28830cdcdda63a8228bfb7ae7ed8429e
-
SHA1
d2f1f9a46ecbfa1e7ddd6d25958bcb0c2ea95928
-
SHA256
b63a6186ca89b9dbd73a59d6e0673c1259060d078127722e421b2e7301c47e7e
-
SHA512
4e25059376b1355c013a4c6ceefc192e13a1134ef624bb782b6fe67decf5c307da3587a7870ce93ad7fa2a75acc91bd2c1f9c701b1841c37677c2335bf0c170a
-
SSDEEP
1536:DjNv0C054F+vt5pMYgxwG7SToG5ygRWVf8KMLU:DjNcCu4Mvt56ZJ7OygwVf8Kb
Score
3/10