Analysis
-
max time kernel
1s -
max time network
6s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system -
submitted
20-09-2024 17:33
Static task
static1
Behavioral task
behavioral1
Sample
DoomRat.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
DoomRat.exe
Resource
win10v2004-20240802-en
General
-
Target
DoomRat.exe
-
Size
12.1MB
-
MD5
b6f21ecc31778ba2362958d1e5091759
-
SHA1
613dbf4e682fe14b8617908113fc5c7ba05de16a
-
SHA256
94bd1fa65b9ee3fe4be830326ebcd918609ee260797391d1af8aa4ac470cce3f
-
SHA512
d5d842d520fa1a5a768b62e3d4945f7aa49aa3079c78843cc70eb2e87515dc228cd8bda2ecbe70d1cdb8a94630687cefe587ee6dfac93685cd9e17473040ac4d
-
SSDEEP
393216:HGV2CSQhZ2YsHFUK2Jn1+TtIiFQS2NXNsI8VbTToP:KYQZ2YwUlJn1QtIm28IKzo
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 2992 wrote to memory of 2588 | 2992 | DoomRat.exe | 31
PID 2992 wrote to memory of 2588 | 2992 | DoomRat.exe | 31
PID 2992 wrote to memory of 2588 | 2992 | DoomRat.exe | 31
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
320KB
MD5 b8331536bf51ba61211ca35490bc6158
SHA1 163e530da5870c1ea073a2cb091168aeb279edf7
SHA256 3e69f09acfedf74a126f8906b12d71a9077bf21bec3aef000dc8a7650990ce5e
SHA512 c1f864c4569d33177ab9383f09e515754395db076f0355970210ceee8c4eb98f27d251929e489defb725a622f9011c95176cfd4093403eacdef03c0c8fa61a3c