Overview

overview

10

Static

static

10

d242df7f2b...75.exe

windows7-x64

10

d242df7f2b...75.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2aeeb429e9290526b96bf4b58b2411ad.bin

  • Size

    149KB

  • MD5

    9f357047dacad782c61a4fe18467085b

  • SHA1

    9155da06c3f81b9c4e704c98fd34e649dc4b0bd6

  • SHA256

    d144d29c8cdbdba8377fe263ab9996b562b9925c59588a0b17f132723408293b

  • SHA512

    62c09d63d59cae9ac9cfe36d0ebef9bc40d83d9f0af9b73d2e82ca0ef539ed80a018957fc4ba422345c3e1982f0795c8083d68e7e8ecf5e0d13e53f8579c6a2b

  • SSDEEP

    3072:pGqG1vg1DlZHEVWccepmkTtYOTN/fd70BY09cCXHp+6I:oqGa1D7EA2pmiB/B0B36CXp+b

Score
10/10
ratasyncratstormkittyxworm

Malware Config

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Detect Xworm Payload 1 IoCs
  • StormKitty payload 1 IoCs
  • Stormkitty family
    stormkitty
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2aeeb429e9290526b96bf4b58b2411ad.bin
    .zip

    Password: infected

  • d242df7f2b38186e3ff903b28119c09883df033ba2519e9b5f19eb0652f78975.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections