Overview

overview

10

Static

static

10

SheetRat/C...er.exe

windows7-x64

3

SheetRat/C...er.exe

windows10-2004-x64

3

SheetRat/G...re.dll

windows7-x64

1

SheetRat/G...re.dll

windows10-2004-x64

1

SheetRat/G...ms.dll

windows7-x64

1

SheetRat/G...ms.dll

windows10-2004-x64

1

SheetRat/I...or.dll

windows7-x64

1

SheetRat/I...or.dll

windows10-2004-x64

1

SheetRat/I...ip.dll

windows7-x64

1

SheetRat/I...ip.dll

windows10-2004-x64

1

SheetRat/M...gn.dll

windows7-x64

1

SheetRat/M...gn.dll

windows10-2004-x64

1

SheetRat/M...ts.dll

windows7-x64

1

SheetRat/M...ts.dll

windows10-2004-x64

1

SheetRat/M...rk.dll

windows7-x64

1

SheetRat/M...rk.dll

windows10-2004-x64

1

SheetRat/NAudio.dll

windows7-x64

1

SheetRat/NAudio.dll

windows10-2004-x64

1

SheetRat/N...on.dll

windows7-x64

1

SheetRat/N...on.dll

windows10-2004-x64

1

SheetRat/P...un.dll

windows7-x64

1

SheetRat/P...un.dll

windows10-2004-x64

1

SheetRat/P...sk.dll

windows7-x64

1

SheetRat/P...sk.dll

windows10-2004-x64

1

SheetRat/P...at.dll

windows7-x64

1

SheetRat/P...at.dll

windows10-2004-x64

1

SheetRat/P...rd.dll

windows7-x64

1

SheetRat/P...rd.dll

windows10-2004-x64

1

SheetRat/P...os.dll

windows7-x64

1

SheetRat/P...os.dll

windows10-2004-x64

1

SheetRat/P...er.dll

windows7-x64

1

SheetRat/P...er.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SheetRat 2.6.rar

  • Size

    33.3MB

  • Sample

    240722-rq95aashkq

  • MD5

    b9dd02437fd962a0b233e21b04bfcc5c

  • SHA1

    02be658c5e17858b6e0d971f98e19f4dae5a7028

  • SHA256

    9c722efda237af4e856b06657c20ad677d6c75ea33a033e28fa3f522039b5eae

  • SHA512

    205b2df67b5e361386ac000cc84af25b4209cc8756e0d206229e111200f5f511efa8351d6a56934099754c524f2f55783c923a84c55817e0844cd6d6e8c5c29a

  • SSDEEP

    786432:oIISITJFqDYrajwvTW7tAAwbuTGN2xxP7a9hJl6L6jJXEl:oIISItFqEajCW56N2xxP7a9EKlO

Score
10/10
asyncratxmrigminerpyinstallerrat

Malware Config

Targets

    • Target

      SheetRat/Confused/Server.exe

    • Size

      1.8MB

    • MD5

      2f4953747860b6b9f5e2d281ad7b33ed

    • SHA1

      b3c494f18efc33201bfeb70c46a20305e9e6a4c1

    • SHA256

      b497e24534343529d5393ebdbb2d9f7418ee984621a1ac17c61f6b69a19ea548

    • SHA512

      e64337f8cb3491b0962c9caa6a44fb6dbeb4d439b1ea9959475b85244537ada732a894199c77f56c92fa28f676ffac371c84769acdcac7400493f9042710c765

    • SSDEEP

      24576:IpU3em+XAPv+yqIflXp8QuPPWijaVjZ3XNS/c6vRpoEosA7iNP:HL+pynt5eFWVjZHN8Tis4iNP

    Score
    3/10
    behavioral1behavioral2

    • Target

      SheetRat/GMap.NET.Core.dll

    • Size

      2.9MB

    • MD5

      819352ea9e832d24fc4cebb2757a462b

    • SHA1

      aba7e1b29bdcd0c5a307087b55c2ec0c7ca81f11

    • SHA256

      58c755fcfc65cddea561023d736e8991f0ad69da5e1378dea59e98c5db901b86

    • SHA512

      6a5b0e1553616ea29ec72c12072ae05bdd709468a173e8adbdfe391b072c001ecacb3dd879845f8d599c6152eca2530cdaa2c069b1f94294f778158eaaebe45a

    • SSDEEP

      49152:ot12Gb/hz7ZsK9qY5uyUW57VC4IB1+fXhQ1hyCzMw/22fSg7gjxhUE/nbTC0xemh:oLbteKb57W1+PhQ1HM1gmJ/SZmh

    Score
    1/10
    behavioral3behavioral4

    • Target

      SheetRat/GMap.NET.WindowsForms.dll

    • Size

      147KB

    • MD5

      32a8742009ffdfd68b46fe8fd4794386

    • SHA1

      de18190d77ae094b03d357abfa4a465058cd54e3

    • SHA256

      741e1a8f05863856a25d101bd35bf97cba0b637f0c04ecb432c1d85a78ef1365

    • SHA512

      22418d5e887a6022abe8a7cbb0b6917a7478d468d211eecd03a95b8fb6452fc59db5178573e25d5d449968ead26bb0b2bfbfada7043c9a7a1796baca5235a82b

    • SSDEEP

      3072:k1GmgYqIY/0YSDBRGlDUqL63budipxj64m8HWYh3vHbFwMhLJSb+:lIO6rGloqL63qW62lJ

    Score
    1/10
    behavioral5behavioral6

    • Target

      SheetRat/IconExtractor.dll

    • Size

      10KB

    • MD5

      640d8ffa779c6dd5252a262e440c66c0

    • SHA1

      3252d8a70a18d5d4e0cc84791d587dd12a394c2a

    • SHA256

      440912d85d2f98bb4f508ab82847067c18e1e15be0d8ecdcff0cc19327527fc2

    • SHA512

      e12084f87bd46010aded22be30e902c5269a6f6bc88286d3bef17c71d070b17beada0fe9e691a2b2f76202b5f9265329f6444575f89aff8551c486eafe4d5f32

    • SSDEEP

      192:7f77J4cGYyfQknxLvIgyLY5xJeU5pPpZlEAs:HS2yINgyLYLJR5wl

    Score
    1/10
    behavioral7behavioral8

    • Target

      SheetRat/Ionic.Zip.dll

    • Size

      451KB

    • MD5

      6ded8fcbf5f1d9e422b327ca51625e24

    • SHA1

      8a1140cebc39f6994eef7e8de4627fb7b72a2dd9

    • SHA256

      3b3e541682e48f3fd2872f85a06278da2f3e7877ee956da89b90d732a1eaa0bd

    • SHA512

      bda3a65133b7b1e2765c7d07c7da5103292b3c4c2f0673640428b3e7e8637b11539f06c330ab5d0ba6e2274bd2dcd2c50312be6579e75c4008ff5ae7dae34ce4

    • SSDEEP

      6144:leSYvQAd10GtSV41OJDsTDDVUMle6ZjxLV/rHo0Oaaz2R9IY:oJBdBS4msNUCe65frHMnz2R9

    Score
    1/10
    behavioral10behavioral9

    • Target

      SheetRat/MetroFramework.Design.dll

    • Size

      16KB

    • MD5

      ab4c3529694fc8d2427434825f71b2b8

    • SHA1

      7be378e382e43eae84f1567b3570bca9a67e7697

    • SHA256

      0a4a96082e25767e4697033649b16c76a652e120757a2cecab8092ad0d716b65

    • SHA512

      02d7935f68c30457da79ad7b039b22caed11d8aedfec7c96619ac6da59ceb7c5e7a758dced64ec02d31c37a2befccdc8eb59be9e2dc849aa2bc22fabb5fa00a5

    • SSDEEP

      384:HYAB8KPALBamLG3gckiBTVU6sgFf5L7WTOYKpKG4rw:HyLBamS3gckiBTVkgiVXr

    Score
    1/10
    behavioral11behavioral12

    • Target

      SheetRat/MetroFramework.Fonts.dll

    • Size

      656KB

    • MD5

      65ef4b23060128743cef937a43b82aa3

    • SHA1

      cc72536b84384ec8479b9734b947dce885ef5d31

    • SHA256

      c843869aaca5135c2d47296985f35c71ca8af4431288d04d481c4e46cc93ee26

    • SHA512

      d06690f9aac0c6500aed387f692b3305dfc0708b08fc2f27eaa44b108908ccd8267b07f8fb8608eef5c803039caeabf8f88a18b7e5b1d850f32bbb72bcd3b0b7

    • SSDEEP

      12288:O+/9JcJlYqCNktA+SXfGpq2fHowSqCNktA+SXfvJR9FrIJJaqCNktA+SXfUC:O+/3qlrCNoh+UqgIwhCNoh+JR9FrIJJw

    Score
    1/10
    behavioral13behavioral14

    • Target

      SheetRat/MetroFramework.dll

    • Size

      345KB

    • MD5

      34ea7f7d66563f724318e322ff08f4db

    • SHA1

      d0aa8038a92eb43def2fffbbf4114b02636117c5

    • SHA256

      c2c12d31b4844e29de31594fc9632a372a553631de0a0a04c8af91668e37cf49

    • SHA512

      dceb1f9435b9479f6aea9b0644ba8c46338a7f458c313822a9d9b3266d79af395b9b2797ed3217c7048db8b22955ec6fe8b0b1778077fa1de587123ad9e6b148

    • SSDEEP

      6144:M4S7k5hdCpU4YqfkUGz6KpQQZQHDXjNCdOZgLdL5DXBK:M4S7k5hdCEQHP1Zgj

    Score
    1/10
    behavioral15behavioral16

    • Target

      SheetRat/NAudio.dll

    • Size

      464KB

    • MD5

      2e68aeb46e26a29ffe74cf97b94cbaf0

    • SHA1

      9384fa2946f744be3b47e131df14cbc0632052d2

    • SHA256

      8e347abc9301d67dd7493a0fbbe5cc1f912900c204a84220cc8cdf0e0b8df0de

    • SHA512

      39e56b0dd316e9a927ffeff486969f2a472f9b262b6a131afa60c34baa01784cde9cc6944f1a46ee73f3cc7135cb0049cc5a4bdfa419fab37667829522f6e7c9

    • SSDEEP

      6144:igY2UEI+85kQDHzER++2a4cSuEsHTyRwl0AYTA7qkpRMUwbX/1rFXF:TY/HXQl40HHdS4qYWN1F

    Score
    1/10
    behavioral17behavioral18

    • Target

      SheetRat/Newtonsoft.Json.dll

    • Size

      695KB

    • MD5

      195ffb7167db3219b217c4fd439eedd6

    • SHA1

      1e76e6099570ede620b76ed47cf8d03a936d49f8

    • SHA256

      e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d

    • SHA512

      56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac

    • SSDEEP

      12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/

    Score
    1/10
    behavioral19behavioral20

    • Target

      SheetRat/Plugins/AutoRun.dll

    • Size

      12KB

    • MD5

      2d1298818aa582a1f1dd51dedf879cbf

    • SHA1

      429d01cabab977bcade38754ed28d8793ce1592d

    • SHA256

      f8c4e2f96fe1030a276cd7fb6c5e5a0a675f953f2b33db08fdff3d472658d098

    • SHA512

      0f482a322df5ee24c99348ea084bb358e37c7a8137afa46132aa7c06f1119c12b5ac711344263eb9556ce179738bebe58af6fd72c57933d8ae2a7d60dfba71fd

    • SSDEEP

      192:MIoRKIwOQJOsOTtiavNAf9/HFd8BPCP2a2uPzNcg8wFlxUSod:aRKDOaOsOTtiaVk9/lYPCP2a2uxZISM

    Score
    1/10
    behavioral21behavioral22

    • Target

      SheetRat/Plugins/AutoTask.dll

    • Size

      95KB

    • MD5

      4cf1872f764b48691f7a1699c0de8448

    • SHA1

      1576883f83d5c2fc1f35b5387e077eb3de620bb7

    • SHA256

      c6b04c5d6663a952b9a548936ec3c505905c82ed6479961a1753fb031a1656cd

    • SHA512

      429cf7c1078625481709485cbc4f7cd8119dd08091e6552c725f505cff0c3bc27997ad76191cb6fcb39b3f849c785719dd785c24bf3bc02d62f51aceee873bbf

    • SSDEEP

      1536:XpLLddrrRW8yyQQSScDB33ZZXXVK5vc7IrZdbWDNv6piPUiR+IpQpB+rmT71s/ws:XpLLddrrRW8yyQQSScDB33ZZXXVKpc7F

    Score
    1/10
    behavioral23behavioral24

    • Target

      SheetRat/Plugins/Chat.dll

    • Size

      14KB

    • MD5

      61f46a6a9dd8464648fc70402aad5fa7

    • SHA1

      6f527ab6fc489df4c3882ab32f9cbcf3abc2f17f

    • SHA256

      68c12c72a722fbf333352aad3308d297642e81d3298a9db7a10fbaf9042aea52

    • SHA512

      44263c4bad2d2c17a1e87d682dada5855c31c8018ea8f28aaec5746a87643c29aa1554bc8a8da774f2bd43dc9009f4e721191c9fbe3a12b60c85ce028e556256

    • SSDEEP

      192:fclXwW7eCEW0aGMuisfC5GsTT9gsn9Tu5IPa9iiAKxfjd:Ulg2eBH7isK5Gs+09Tu5IPpiA4fjd

    Score
    1/10
    behavioral25behavioral26

    • Target

      SheetRat/Plugins/Clipboard.dll

    • Size

      9KB

    • MD5

      d923f938fa89c84fe23cc827e4d71724

    • SHA1

      9c9a4d7a8b15b2e4a192f6d961c1241cb4d5326e

    • SHA256

      343c783191ce6fa824d6b64cb870b1f7fd41fe4cbdf0e17600d3615c444faa41

    • SHA512

      bc6766b5ba446034933a7031435056bbc93ce3f1ec2bbc8a6a98e4b0fa7bc708732b6c7bb4abf3dc7aba277b6f76100540fdb9ba85d8672d0cc778a4c3efd9ec

    • SSDEEP

      96:YCM73NjKIwOQcOsOC2708r4l+RnMqPM2cwRM92tTHoMbqLO:1iJKIwOQcOsOz7Jrh1WAC4tTIMbqq

    Score
    1/10
    behavioral27behavioral28

    • Target

      SheetRat/Plugins/DDos.dll

    • Size

      46KB

    • MD5

      c7a7a344b4e23bb4265b73505f1ad73d

    • SHA1

      126a4789db270e808a0ba8f7ade9b4a2f25b2637

    • SHA256

      ab6e77623d85c5c79798966105d24abaedf264c7c27762ce8a59752192638a7a

    • SHA512

      1152f0486f47a059fb9a2b904704d507a8b76270dae343b45900e50e636e340dd5e67914e57dd957493dcfdb18873398847f146556972ba8934c9186a167064c

    • SSDEEP

      768:VIgSs5YPhaEDOVrqEkhshVh5hnh3hJhvh4nBlTOrktdzdxGqObI9DjWROeZ7:VIu8JOgEkWj/RxfZwQOet

    Score
    1/10
    behavioral29behavioral30

    • Target

      SheetRat/Plugins/FileManager.dll

    • Size

      495KB

    • MD5

      55d4b8e492a76539047b0e4ee1bf1c17

    • SHA1

      71443b814c0df05bc7e039d9d2ee201936e91b90

    • SHA256

      d77ec15d4e5b29333806cef28612a5116a7004957e7cddd13b82f3b9f6b46ec5

    • SHA512

      4c20a537f314634b7928551794db4fc2eb9d76f3ab2efcfc104704a24d29973a8ba7df8c892befc7511f54758b41cfde39dac4eb10862377840c8b808eb4a6c0

    • SSDEEP

      6144:ZI10mIHHP5HyGtSV41QJDsTDDtUMle6ZjxLV/u9HnAdKXy:o0mEZpS4YsVUCe65fu9aKX

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

ratpyinstallerminerasyncratxmrig
Score
10/10

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10