General
-
Target
Silver Rat [Re Lab].7z
-
Size
10.6MB
-
Sample
240927-b9vwpssapa
-
MD5
f06813aa321c43a69a04904cfa735a44
-
SHA1
820a0f9f4c00af6ce2583218019ad14a5c5592e2
-
SHA256
a384bad25740a4b783eaadd6ade53d96e878e1313c34321ddfb23149fbf6366d
-
SHA512
72551e22ba2db4759ad905f92f407f7e8266e363aa8627a56d8bcaea83a69a96466269358a034e626581f24c2417fa98bb0bb57472f96c2ea39b2708edaa5bb8
-
SSDEEP
196608:vGbH8yKZWDv2mzFaZ9+j0PlI6obvU/Y0NK6HLlzcurSGBZ+pbJ:vGTiMLNaLIulI6z/YGJHp76P
Behavioral task
behavioral1
Sample
Silver Rat [Re Lab].7z
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
Silver Rat [Re Lab]/SilverRat.exe
Resource
win10-20240611-en
Malware Config
Targets
-
-
Target
Silver Rat [Re Lab].7z
-
Size
10.6MB
-
MD5
f06813aa321c43a69a04904cfa735a44
-
SHA1
820a0f9f4c00af6ce2583218019ad14a5c5592e2
-
SHA256
a384bad25740a4b783eaadd6ade53d96e878e1313c34321ddfb23149fbf6366d
-
SHA512
72551e22ba2db4759ad905f92f407f7e8266e363aa8627a56d8bcaea83a69a96466269358a034e626581f24c2417fa98bb0bb57472f96c2ea39b2708edaa5bb8
-
SSDEEP
196608:vGbH8yKZWDv2mzFaZ9+j0PlI6obvU/Y0NK6HLlzcurSGBZ+pbJ:vGTiMLNaLIulI6z/YGJHp76P
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Drops file in System32 directory
-
-
-
Target
Silver Rat [Re Lab]/SilverRat.exe
-
Size
25.2MB
-
MD5
d6527f7d5f5152c3f5fff6786e5c1606
-
SHA1
e8da82b4a3d2b6bee04236162e5e46e636310ec6
-
SHA256
79a4605d24d32f992d8e144202e980bb6b52bf8c9925b1498a1da59e50ac51f9
-
SHA512
2b4eb9e66028d263c52b3da42fa3df256cf49cd7a7ebdf7c75da6a2dedfd2c22cb5f2071345b7016cd742539c74a801cad70c612330be79802fa19f860ea2d5f
-
SSDEEP
786432:SZYRGnGvovVvAuuglekvAR4vzHcv6lHGH9KdDmvQuLGgJMKV+n9n1vgvVv2jlv1S:Ik79a
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-