Analysis Overview
score
10/10
SHA256
5c4e60801dd978710cdce9a43bcd6e14e3fa8e6790dc981b4ad25307628b41a0
Threat Level: Known bad
The file DoomRat.exe was found to be: Known bad.
Malicious Activity Summary
DoomRat
Doomrat family
Detects Pyinstaller
Unsigned PE
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-09-27 19:41
Signatures
DoomRat
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Doomrat family
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-27 19:41
Reported
2024-09-27 19:41
Platform
win7-20240903-en
Command Line
N/A
Signatures
N/A
Processes
N/A
Network
N/A
Files
N/A
Analysis: behavioral2
Detonation Overview
Submitted
2024-09-27 19:41
Reported
2024-09-27 19:42
Platform
win10v2004-20240802-en
Max time kernel
0s
Max time network
6s
Command Line
"C:\Users\Admin\AppData\Local\Temp\DoomRat.exe"
Signatures
N/A
Processes
C:\Users\Admin\AppData\Local\Temp\DoomRat.exe
"C:\Users\Admin\AppData\Local\Temp\DoomRat.exe"
Network
| Country | Destination | Domain | Proto |
| N/A | 52.137.106.217:443 | tcp |
Files
N/A