General

  • Target

    72cabad77d69e7701af2d31218ac4b7e.bin

  • Size

    158KB

  • MD5

    72cabad77d69e7701af2d31218ac4b7e

  • SHA1

    e781c9c87a30163cdef9b5f6f419c27f26e8f271

  • SHA256

    7f8cb35c0290b33bcb49876680340b63061a3fc1558c372a42d87ec21c03ed66

  • SHA512

    709ad82ff09dc32dac22e8aa431833b885f8df4a2e61279fde90b7dad771d55b9a318372d645b8538dee0fdb4aeaed36c1408be00f27c102734aad8bb83a067c

  • SSDEEP

    3072:LbzQH+0OoCthfbEFtbcfjF45gjryKKqH6JY2doszEmQotEPPcfPjBO8Y:LbzQe0ODhTEPgnjuIJzo+PPcfPjM8

Score
10/10

Malware Config

Extracted

Family

arrowrat

Botnet

Client

C2

single-point.gl.at.ply.gg:48752

Mutex

NuBrONaJi

Signatures

  • Arrowrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 72cabad77d69e7701af2d31218ac4b7e.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

