General

  • Target: Rajahax.exe
  • Size: 138KB
  • MD5: 3a2efdd34244d2e32564be1ecd2ae2fb
  • SHA1: a59fe64e0fcd7dd73bf1d6a748e3cf8416eef93f
  • SHA256: 248c2fb9b77901a03336a08aed6c8ad459b7853168160f233946b21bf786090f
  • SHA512: 3e19c0a0640a5a3ea51743fbba093dae7bd47c83d2a8f406d9872c8bc9cba8a4df28887156fd567e8f2f0436cfb6b80705da98ecde6f992c82441117959af31f
  • SSDEEP: 1536:kAxJAVmt6R/ZyWyElr+fuTdOp6dcDw0u0fZwn5y43RMlhfLLjl0ctdZPCs3Kj3h3:kAxJAQt0yWThdOp6bn5yWsdvt/PiSK

Score: 10/10

Malware Config

Extracted

  • Family: phemedrone
  • C2: https://api.telegram.org/bot7256179101:AAH9javBF9KWz5fXIR2_YM3Ma3CqowIubKw/sendDocument

Signatures

  • Phemedrone family
  • Unsigned PE (1 IoC): checks for a missing Authenticode signature.

Files

  • Rajahax.exe
    .exe windows:4 windows x86 arch:x86
    f34d5f2d4577ed6d9ceec516c1f5a744