General
-
Target
RAT COURSE $300 (LEAKED).zip
-
Size
269.5MB
-
Sample
240525-elca8sdg7x
-
MD5
fdaf474985ce95f81f8873a2d51da68a
-
SHA1
185997a7fdbc5866c0db7be2073addc9dbcac788
-
SHA256
7d03e336cd249751d967c9e6dcd6602e93352f44e77079775222a3eccf8c0b5e
-
SHA512
7ca132ca99c28ccba61c94d94aa94d92dc6b7dc1cade3abda5a2e84456490b80541cf24401bd92d56bfa436f91eef4496b4791ed234a3baf8ccdacd4cb40dbcb
-
SSDEEP
6291456:wEeTxKQ2fbm8/e0/F5Mbn46qF+dpZ3nF3eFaDwFd1x3JZJX08D3m32FAwm:wEeEJfbmC7/8bXqF+dx3eFdFdzJXdFY
Static task: static1
Behavioral task: behavioral1; Sample: RAT COURSE $300 (LEAKED).zip; Resource: win7-20240221-en
Behavioral task: behavioral2; Sample: RAT COURSE $300 (LEAKED).zip; Resource: win10v2004-20240426-en
Behavioral task: behavioral3; Sample: RAT COURSE $300 (LEAKED)/RAT TOOL FULL FEATURE.zip; Resource: win7-20240508-en
Behavioral task: behavioral4; Sample: RAT COURSE $300 (LEAKED)/RAT TOOL FULL FEATURE.zip; Resource: win10v2004-20240426-en
Behavioral task: behavioral5; Sample: RAT TOOL FULL FEATURE/888 Rat v1.2.6.exe; Resource: win7-20240221-en
Behavioral task: behavioral6; Sample: RAT TOOL FULL FEATURE/888 Rat v1.2.6.exe; Resource: win10v2004-20240508-en
Malware Config
Targets
-
-
Target
RAT COURSE $300 (LEAKED).zip
Score 1/10
-
-
Target
RAT COURSE $300 (LEAKED)/RAT TOOL FULL FEATURE.zip
-
Size
74.5MB
-
MD5
bc4b224d8e329e339d8e88af6d660234
-
SHA1
66a786004d14c789d8d7f065a6e76db0d4c61b2c
-
SHA256
26fd4d9bb941267d61479569eb5f2e79f685ac7e2757fb94a4d78c781b6cc524
-
SHA512
95b8b8abaf455d733dbfdbf4b2cf4c4508c35b2781e05314274f3c97f20047e51a2202892d84996d18c9e6de583619a270129d601b07032b1b0420bb2297aeab
-
SSDEEP
1572864:d02bZJsczjrcr/MtOvLQvF/JX9h1XauCx1ziw2FebpuuXZmRG:dJZJsEfcYtOvLQDNN8ziw2F65kRG
Score 1/10
-
-
Target
RAT TOOL FULL FEATURE/888 Rat v1.2.6.exe
-
Size
75.0MB
-
MD5
ad33064a9ca95c5b3ed45c14b7fe2739
-
SHA1
0bd1286fa5fd936a31a4514798daffa444ce8e12
-
SHA256
5a14099abd6fe4b396094db7f9911251b25cd57893e14f97a7e7c5f44337bc98
-
SHA512
acb056e217edef4639179b24193a454f7e5aade51c1cc972e0458fc23c0ad982323161ad37050a4d849641dbf84719707efdcf4c99ecdf413381e5a752413647
-
SSDEEP
1572864:5mhnD+9mK/LnkHD1LYrXatfLllR3RboTmxXlIgU/cNruKPZiv:6nD+UozkJLYrXajR4ElIgU/c5Qv
Score 10/10
Android 888 RAT payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-