silverrat | Silver[.]exe

Resubmissions

22-11-2024 16:16

241122-tq4zdatpg1 10

31-01-2024 15:15

240131-sm8mqaggbj 8

Sharing

Copy URL

Twitter E-mail

General

Target

Silver.exe
Size

40KB
MD5

c99c7d1673abd0499e508de4c2445523
SHA1

e7333eb204147ac867cc06b597fb858fd29db2cc
SHA256

6ccf17da9d1511886987f459d7524af6c195e853dff405ec211d9ae89163469c
SHA512

62db95fe4f8ecb2da45afea01241886e6f97b3e9ad3b56ac5b1d8c0eea335a4dbf1c32d584ef844fb38e259625b330cde1a6cb63cf6b98c26098f9dcae97a3d1
SSDEEP

768:00sNbahnB/yoF3Yvz/DZM4snnnn71A+RUbB489ZYzb8hdB6Sc4xO:07RPL+Gt9ZYXooB4xO

Score

10^/10

silverrat

Malware Config

Extracted

Family

silverrat

Version

1.0.0.0

haffasdqa.duckdns.org:6070

Mutex

SilverMutex_ZAISHXAYQR

Attributes

certificate
MIIE4DCCAsigAwIBAgIQAKQYOfZd86J2BfNjhG4CWTANBgkqhkiG9w0BAQ0FADARMQ8wDQYDVQQDDAZTaWx2ZXIwIBcNMjIwODI2MTkwMTA4WhgPOTk5OTEyMzEyMzU5NTlaMBExDzANBgNVBAMMBlNpbHZlcjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPbpOWfhZTuOfEaqqImTTe5dNHAAry7/mf00DCoI4lPZfypsc1tYraxSPFeayGu09a3qdhkWKSVIgwnu2n4GLQNOCY9fh/1oyrX4Iir3BIkYeU7pKTWgjhUlAmFAUAaNr0ca23Ku2kN79jrDzRznOgE2DEW4p7OiM4Mb097ma9lzu7MyssHbY4VCteAhj9HZiplqBxaC1vXDmzxqG+gUZ1aLcyG7ssdkOjtWVBgT3gD/gOl7KchRzCFB1egDC/vD9WZCG35U3Ngi+IkTznoXR1R06cq4v0UnGjE37R2vcB21qb0ZYNiZJXZHv5i9+R7xoPeNoLda5PqnfGGbhPvNEdD56mdcOKlzGIuyemLkUo8texdpiBWKbtc3JZf5VsKxjJtHDK3xW6gDGI+PAirzGkFPmwcf8WgsblvzLg8OZpVxVs8rmKWoi6qIrf4CXnyl73J4lgzW+ir7PjANAQXwLNGdNnvdMeLeo/muGQPdeNpr6OczGGnkWA4qniHeL51/Gx0a8A+jP9zKiyu+qHcsP2IotgWDH/KlzJVr7IAum+DV92uV8poTDcUNcHaKvhHA65KmEtsvLbK6lFZcAMC0eWC0VgpW44T1/16rOaaky5mP6rTMc3nSyOl/lU/XgAgGGQPe22bRLWYzd3WVeEpI1WnHYXS+tL9IOe4kJP+pYsWDAgMBAAGjMjAwMB0GA1UdDgQWBBR32TJj2LeUx9L+RcSOvmFV6VJq6TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBDQUAA4ICAQA+qucSOi7ov7Q1FmAjMf925KuvKuCNwJiu3Sqo3FDGVAD1fAwAi2FdyuXEO2VIUPZCkalFcBna5rqyrc6tcS4T0IL2TsYLrsuGir7PWP7CAcft1urYS1HpNpHxeH/nixwnQaQs/MuRmdm2TeCj6G21P5BTW55U5y9sMPSYwhbD2N7XLgnSQd5Y+80TR7FUiye/k3D37fI9PRhSQGbfYFRQQTmxj84dPTnY5CVgaY9d8fNiFZkyjaZdf+mibK0xQTf+xLVVj+toDNCkc1F462TdmFhCrHd4PoMo0yLDNv4SC6NLRq4haWDRtORw6gd5GYIoCQ3m3oQvNlNxXhhIjsOyxkxOrkCD0c+57PIc7EmKXieJa/XxnkcIVxO8dvTY/vijuz/VaZYl/lPu9ckuqgJ1wRvvsHl70Trv4Mn4X5uCIqRFFlK/mSOZbLIguGkDN3QIZABvej89vlZMhrVfZOG2oawe23FskHjv7thF/WzOXtWw6RUVC1V+hCwbuxFNUjZmmOTUwdXHnus7I2AuiG6Jz1+y9aYiXBcVTdSljxjHRRmiRaAnY94h58vN8NJ4hKL2GVCo6LxkpuplmcntJN0cKraKTPxSXcCRrqWxX9qoIbfvBcUU4vH1jPJCCLNCuDyD3lgQkpPVvq0EMU1a2HFGgMEQMjpYpb38rcadDhT5ag==
decrypted_key
-|S.S.S|-
key
yy6zDjAUmbB09pKvo5Hhug==
key_x509
WmZhaWZHSlJEU1NHQ2lSQUdFck95dGxpQVVOd0lE
reconnect_delay
4
server_signature
HC2ULa6twD52xavc2rWxq104x9i9ua3uAkLjm/TTH+rd9oi9wtsTSsLgZjxM9qkzgjBDOr1rGDGfhDS9VlD68zjx1mKkaMbYqbSRSdHiTM2yLH9MaB8sCaoXVcZdmPp16EJI0bAVNI/fsQpaoNNyrwgbQT19D2H5knN/ZpTqY3wwXLHyXzSm3Sz882AmeZfZi0cb+Gn/Z8enptEox36hZJPIDCEs9FfPtTd0KRTx9lLwk48m/6gk0YltRrv/JhwoBwhw8QnG0zr69KNrawZCT2UKO5UUQvqoeaCdMOnc/5juMRWhnH3dgGuRtqpoxaZ3JyYqb555SX5M4U+CmRTM4lhB1B4jGEkJM97th0vGkfpczD4S7V5vH2CuPRhDlTuxesDpy4pSCBeStkh/nSNAagF8LyfdXaXXN+RFQCEZIYkn4ydXe/RhihsceeDe+AGlJsA3LetVLQjvcqKtSwLeQZpkMr5klLNnjBFkSqCC5ijKexPnavCt3w5ID//JzJNr1dtooygnDQ0P+8Tkz91xCkgX3xGXG1UD0qY8al/ONVcAjDDGo6rRTj5Ac0TR7w1M5wqwNirSQvn0Ax1WaO9gIMI8wvwCbbOfKukGzSiZOKyIHLT7Ilv36Cytf/Deh6SIjq8GGHFlPNCaYPu62ZH9ekRPOFKjO72JYC4j7XZwBXU=

Signatures

Silverrat family
silverrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Silver.exe

Files

Silver.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 38KB - Virtual size: 38KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 1KB - Virtual size: 1KB