doomrat | 4d8e54a0c812d29ee7323f4a95a3fe11cfb49174783a18906680b405496b2dee | Triage

Submit
Reports

Overview

overview

Static

static

virus.exe

windows10-1703-x64

7

Resubmissions

21-09-2024 13:20

240921-qk7ljavajp 7

21-09-2024 13:05

240921-qbqlnatepq 10

Sharing

General

Target

virus.exe
Size

12.1MB
Sample

240921-qbqlnatepq
MD5

3897f6d17ebc238689e567f93686b8d7
SHA1

8492fdb6432234194585ad80784685a32ed5a683
SHA256

4d8e54a0c812d29ee7323f4a95a3fe11cfb49174783a18906680b405496b2dee
SHA512

16118eb6a9be55aa5d65ec67ede78993a274d1731baeec407e90404a981a18a7b7e7745c4c0c77d685b67da6b9c5e8592726fd627f8a5feae21bccd0237c49dd
SSDEEP

393216:yGV2CSQhZ2YsHFUK2Jn1+TtIiFQS2NXNsI8VbTToP:tYQZ2YwUlJn1QtIm28IKzo

Score

10^/10

doomrat antivm apt backdoor banker bootkit botnet clipper collection crypter discovery doom downloader dropper evasion exploit exploiter fakeav ics infostealer keylogger loader maldoc miner overlay pc fucker persistence ransomware rat rootkit spam spreader spyware stealer trojan upx wiper worm adware pyinstaller

Static task

static1

pyinstaller adware antivm apt upx backdoor banker bootkit botnet clipper collection crypter discovery downloader dropper evasion exploit exploiter fakeav ics infostealer keylogger loader maldoc miner overlay persistence ransomware rat rootkit spam spreader spyware stealer trojan wiper worm doom pc fucker doomrat

4 signatures

Behavioral task

behavioral1

Sample

virus.exe

Resource

win10-20240404-en

windows10-1703-x64

3 signatures

30 seconds

Malware Config

Targets

- Target
  
  virus.exe
- Size
  
  12.1MB
- MD5
  
  3897f6d17ebc238689e567f93686b8d7
- SHA1
  
  8492fdb6432234194585ad80784685a32ed5a683
- SHA256
  
  4d8e54a0c812d29ee7323f4a95a3fe11cfb49174783a18906680b405496b2dee
- SHA512
  
  16118eb6a9be55aa5d65ec67ede78993a274d1731baeec407e90404a981a18a7b7e7745c4c0c77d685b67da6b9c5e8592726fd627f8a5feae21bccd0237c49dd
- SSDEEP
  
  393216:yGV2CSQhZ2YsHFUK2Jn1+TtIiFQS2NXNsI8VbTToP:tYQZ2YwUlJn1QtIm28IKzo
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

pyinstalleradware antivm apt upx backdoor banker bootkit botnet clipper collection crypter discovery downloader dropper evasion exploit exploiter fakeav ics infostealer keylogger loader maldoc miner overlay persistence ransomware rat rootkit spam spreader spyware stealer trojan wiper worm doom pc fuckerdoomrat

behavioral1

© 2018-2024

Terms | Privacy