General

  • Target

    Sheet Rat 2.2.zip

  • Size

    239.7MB

  • MD5

    e316c1a65e10c541cafeee5748288dab

  • SHA1

    89b918d18ba7adda80044abf1002b13571c6bc21

  • SHA256

    339947667ddb45feb1cb0b7db1b8dc74acc7f135998d527382f37a39276bc68f

  • SHA512

    f421dbf18f758ea37348c7f5bf4d1f60f3a4993c24ebc3d7d79e21e7ff2ca6a1de73644604a1b50475bfe37c4d7922a5fb2f9e0f3fe136e6dc3305dd243cd473

  • SSDEEP

    6291456:8Q5Wswdfe5yvhjlP10gQVlkZ5Wswdfe5yvhjlP10gQVlkxAl/APk:p5QdW5S3d0g0lkZ5QdW5S3d0g0lkxAlh

Score
10/10

Malware Config

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as real-time monitoring, block at first sight, etc.

  • XMRig Miner payload (2 IoCs)
  • XMRig family
  • Detects PyInstaller (1 IoC)
  • Unsigned PE (57 IoCs)

    Checks for missing Authenticode signature.

Files

  • Sheet Rat 2.2.zip
    .zip
  • Sheet Rat 2.2/AutoTasks.json
  • Sheet Rat 2.2/ConfigBulid.json
  • Sheet Rat 2.2/Default_812.cfg
  • Sheet Rat 2.2/GMap.NET.Core.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/GMap.NET.WindowsForms.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/IconExtractor.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Ionic.Zip.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Maps.json
  • Sheet Rat 2.2/MetroFramework.Design.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/MetroFramework.Fonts.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/MetroFramework.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/NAudio.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/NAudio.xml
    .xml
  • Sheet Rat 2.2/Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • Sheet Rat 2.2/Plugins/AutoRun.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/AutoRun.pdb
  • Sheet Rat 2.2/Plugins/AutoTask.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/AutoTask.pdb
  • Sheet Rat 2.2/Plugins/Chat.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Chat.pdb
  • Sheet Rat 2.2/Plugins/Clipboard.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Clipboard.pdb
  • Sheet Rat 2.2/Plugins/DDos.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/DDos.pdb
  • Sheet Rat 2.2/Plugins/FileManager.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/FileManager.pdb
  • Sheet Rat 2.2/Plugins/FreendConnect.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/FreendConnect.pdb
  • Sheet Rat 2.2/Plugins/Fun.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Fun.pdb
  • Sheet Rat 2.2/Plugins/Keylogger.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Keylogger.pdb
  • Sheet Rat 2.2/Plugins/Map.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Map.pdb
  • Sheet Rat 2.2/Plugins/Message.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Message.pdb
  • Sheet Rat 2.2/Plugins/MicroPhone.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/MicroPhone.pdb
  • Sheet Rat 2.2/Plugins/MinerEtc.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/MinerEtc.pdb
  • Sheet Rat 2.2/Plugins/MinerXmr.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/MinerXmr.pdb
  • Sheet Rat 2.2/Plugins/Netstat.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Netstat.pdb
  • Sheet Rat 2.2/Plugins/Regedit.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Regedit.pdb
  • Sheet Rat 2.2/Plugins/RemoteCamera.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/RemoteCamera.pdb
  • Sheet Rat 2.2/Plugins/RemoteDesktop.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/RemoteDesktop.pdb
  • Sheet Rat 2.2/Plugins/ReverseProxy.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/ReverseProxy.pdb
  • Sheet Rat 2.2/Plugins/Scheduler.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Scheduler.pdb
  • Sheet Rat 2.2/Plugins/SendFile.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/SendFile.pdb
  • Sheet Rat 2.2/Plugins/Service.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Service.pdb
  • Sheet Rat 2.2/Plugins/Shell.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Shell.pdb
  • Sheet Rat 2.2/Plugins/SpeakBot.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/SpeakBot.pdb
  • Sheet Rat 2.2/Plugins/Stealer.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Stealer.pdb
  • Sheet Rat 2.2/Plugins/System.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/System.pdb
  • Sheet Rat 2.2/Plugins/SystemDisable.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/SystemDisable.pdb
  • Sheet Rat 2.2/Plugins/TaskMgr.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/TaskMgr.pdb
  • Sheet Rat 2.2/Plugins/Uac.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/Uac.pdb
  • Sheet Rat 2.2/Plugins/WormJoiner.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/WormJoiner.pdb
  • Sheet Rat 2.2/Plugins/WormSMB.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/Plugins/WormSMB.pdb
  • Sheet Rat 2.2/Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Sheet Rat 2.2/Server.exe.config
    .xml
  • Sheet Rat 2.2/SheetFuscator.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Sheet Rat 2.2/SheetJoiner.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Sheet Rat 2.2/SheetParser.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Sheet Rat 2.2/Stub/Client.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Sheet Rat 2.2/Stub/UserMode.dll
    .dll windows:6 windows x64 arch:x64

    6dbf95d81ab0cb2039f47259ddec333f



  • Sheet Rat 2.2/Stub/UserMode.obf.dll
    .dll windows:6 windows x64 arch:x64

    6dbf95d81ab0cb2039f47259ddec333f



  • Sheet Rat 2.2/Stub/WinRing0x64.sys
    .sys windows:6 windows x64 arch:x64

    d41fa95d4642dc981f10de36f4dc8cd7


    Code Sign


  • Sheet Rat 2.2/Stub/ddb64.dll
    .dll windows:6 windows x64 arch:x64

    2b41a6eaabd449bd2521813e69f0a7c6


    Exports

  • Sheet Rat 2.2/Stub/ethminer.exe
    .exe windows:6 windows x64 arch:x64

    601d901af8200f541117a59e7736bfef


    Exports

  • Sheet Rat 2.2/Stub/nvrtc-builtins64_112.dll
    .dll windows:6 windows x64 arch:x64

    8f855f48184bff75de5ed8f701a5f778


    Exports

  • Sheet Rat 2.2/Stub/nvrtc64_112_0.dll
    .dll windows:6 windows x64 arch:x64

    4ca0827c1b67fe072d17a90113be5a0b


    Exports

  • Sheet Rat 2.2/Stub/sigthief.exe
    .exe windows:5 windows x64 arch:x64

    ba5546933531fafa869b1f86a4e2a959



  • sigthief.pyc
  • Sheet Rat 2.2/Stub/xmrminer.exe
    .exe windows:6 windows x64 arch:x64

    14ec8f3f7eee2e31d6dc574514386b4d



  • Sheet Rat 2.2/System.Buffers.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • Sheet Rat 2.2/System.Collections.Immutable.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • Sheet Rat 2.2/System.Memory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • Sheet Rat 2.2/System.Numerics.Vectors.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • Sheet Rat 2.2/System.Runtime.CompilerServices.Unsafe.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • Sheet Rat 2.2/Test.exe.config
    .xml
  • Sheet Rat 2.2/Themes.json
  • Sheet Rat 2.2/Users/185F2F53A42716492E5F897/Info_SYSTEM_fv-az270-188.txt
  • Sheet Rat 2.2/Users/185F2F53A42716492E5F897/Log12_24_2023 12_39/Info.txt
  • Sheet Rat 2.2/Users/1E6FC086A35D3581B7BE2CA/Info_azure_AZURE-PC.txt
  • Sheet Rat 2.2/Users/21690176888BF0EBA5A7C11/Info_runneradmin_fv-az282-894.txt
  • Sheet Rat 2.2/Users/21690176888BF0EBA5A7C11/Info_runneradmin_fv-az456-564.txt
  • Sheet Rat 2.2/Users/24B98F6276B7C5C5BD6343C/Info_SYSTEM_fv-az435-296.txt
  • Sheet Rat 2.2/Users/24B98F6276B7C5C5BD6343C/Log1_02_2024 13_52/Info.txt
  • Sheet Rat 2.2/Users/2F5E6702C33DD845E70B228/Info_SYSTEM_fv-az282-894.txt
  • Sheet Rat 2.2/Users/31B92838914C693FDD68FC9/Info_SYSTEM_fv-az479-946.txt
  • Sheet Rat 2.2/Users/388D25CC2C503070638BC36/Info_79379_LAPTOP-ARFTMN58.txt
  • Sheet Rat 2.2/Users/41E4A20076961FB8571194D/Info_runneradmin_fv-az270-188.txt
  • Sheet Rat 2.2/Users/A9E2F6ACCE159E64B32B2B5/Info_runneradmin_fv-az479-946.txt
  • Sheet Rat 2.2/Users/A9F1428FFEBC410CDB3CBBD/Info_Administrator_0CC47AC83802.txt
  • Sheet Rat 2.2/Users/C917C8527568B8D14A0992B/Info_runneradmin_fv-az435-296.txt
  • Sheet Rat 2.2/Users/C917C8527568B8D14A0992B/Info_runneradmin_fv-az843-841.txt
  • Sheet Rat 2.2/Users/DAF9DA9054EFE07D3B5D7FA/Info_1_1-ПК.txt
  • Sheet Rat 2.2/Users/FBCA0EAC14DB19478B72742/Info_WDAGUtilityAccount_7362299D-89C0-4.txt
  • Sheet Rat 2.2/Users/FBCA0EAC14DB19478B72742/Log12_02_2023 14_06/Browsers/Edge/History.txt
  • Sheet Rat 2.2/Users/FBCA0EAC14DB19478B72742/Log12_02_2023 14_06/Info.txt
  • Sheet Rat 2.2/Users/FBCA0EAC14DB19478B72742/Log12_02_2023 14_07/Browsers/Edge/History.txt
  • Sheet Rat 2.2/Users/FBCA0EAC14DB19478B72742/Log12_02_2023 14_07/Info.txt
  • Sheet Rat 2.2/Users/FBCA0EAC14DB19478B72742/Log12_03_2023 09_07/Browsers/Edge/History.txt
  • Sheet Rat 2.2/Users/FBCA0EAC14DB19478B72742/Log12_03_2023 09_07/Info.txt
  • Sheet Rat 2.2/Vestris.ResourceLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/build/Client.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Sheet Rat 2.2/build/Default_969.cfg
  • Sheet Rat 2.2/cGeoIp.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/dnlib.xml
    .xml
  • Sheet Rat 2.2/protobuf-net.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Sheet Rat 2.2/protobuf-net.xml
    .xml