General
-
Target
xRAT 2.0 RELEASE4.zip
-
Size
1.8MB
-
Sample
241215-t62tyszmct
-
MD5
bc6226ff88e1f9c4cac611cf96b2b02c
-
SHA1
43c429826ecd319e5ceccb118bfe4fb5966b8901
-
SHA256
b6b2c42ebcbab8e90e15cdf42002f485c41aab340c52aa574e2a8f74461a830a
-
SHA512
4bac2f742ada5976d4d8b25facf46a72ef26db804c20d59ec121a769df84f2ff04d9ae5090fc05a34bb30474978447a81db58cfdb4106acf7c58f43c912a9a19
-
SSDEEP
12288:mcAwJ8AEEti3PJnBdK5JlDvSIM++mk4sQFNl/lcGWBJkAX:mcABjPJBdKdMl2p/WzdX
Static task
static1
Behavioral task
behavioral1
Sample
Interop.NATUPNPLib.dll
Resource
win11-20241007-en
Behavioral task
behavioral2
Sample
LICENSE
Resource
win11-20241007-en
Behavioral task
behavioral3
Sample
Mono.Cecil.dll
Resource
win11-20241007-en
Behavioral task
behavioral4
Sample
Vestris.ResourceLib.dll
Resource
win11-20241007-en
Behavioral task
behavioral5
Sample
client.exe
Resource
win11-20241007-en
Behavioral task
behavioral6
Sample
xRAT 2.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
Interop.NATUPNPLib.dll
-
Size
7KB
-
MD5
bd95e7472a320a8c82ae64b87626fad2
-
SHA1
a9ee0d1d469ba10cdea6d5f958f1449608ebdbb0
-
SHA256
52ec8afceeec3a098e524bbc25c14aab00a863c3d976c87ebffdb2ff68bbccc2
-
SHA512
247346401db8376c2b7cfc901382bcfef3f08dfe43a723e9c190f0892c6d900d289156d4a4a86fff64e29bfd7294c773bc895e1dc9f21d563ec888420500e006
-
SSDEEP
96:dFinj09TiY5IxaUsyKY05YgZsXFscQkE8g8nQqG0tVCSA:nGEJIrKrYgZsGwVvg
Score: 1/10
-
-
Target
LICENSE
-
Size
34KB
-
MD5
b39ca9d3e7e80dd37db7d1985b6b74c4
-
SHA1
73c817f47edb1206308a44f966704557009b5629
-
SHA256
6b837c7a5f07d14add009cc2795823f47925a53dd59197eccb868bd520227c91
-
SHA512
f1e6718c9f7e9fa6931d774329c3b175b879e4e18045c24d7d6917bb55d0b359e8150e4f7a873f0eebbc6bcaadb0d0718c07bb70e768083c85bc32d87f241b8c
-
SSDEEP
768:w7Y+tNdSz3ZlqXOWoInuzx3Y8N3WiAD0Ju:wVtNIq1uzZY1/
Score: 1/10
-
-
Target
Mono.Cecil.dll
-
Size
275KB
-
MD5
2f1d2b580f22c8b14426cc793cafa143
-
SHA1
3debfcafb6d1f94f999e02f18785ea9b13978767
-
SHA256
c1c9504393fb9ae1e5130a70afed53f26a26f23bcbd655c3d79bc0fb846d2b2d
-
SHA512
807789490cbde1ec11a473525de3d953d95e3889ec112dd2f0a4fc2aae504a2afa4ed66b6f4ce6b956e3ddd392ac8289621fa42d1b4cb9818896780b42c1c03a
-
SSDEEP
6144:GXFrvb8HhISlKKvK0EihcEgMdWJ2I6jSAOHvSIT4KdFvkPzg:RBdK5JlDvSIM
Score: 1/10
-
-
Target
Vestris.ResourceLib.dll
-
Size
76KB
-
MD5
4c2fc3ae1f21d55a82464f03de977899
-
SHA1
0399fd6265cb54369043080ebf4d013574f9f208
-
SHA256
13e08cc54e2238592424b2d337333631f5b7dd804c682b8781be08de53d7889a
-
SHA512
4abcb8b26b7d6636d3d9858b39f2d4171b1baba05f476f4c8f9c9ab0fb2b8da2d3fc5fe685c2873af98fe63d3e68c78b91f42ff7ea8a8a37a34276132904d348
-
SSDEEP
1536:Ix0R789PUoXYIt1Og7O1pKYoRvWkAaClFYgGKeK92NXABHg:i0R789PU1IT7O1pwuugFVG/K92V
Score: 1/10
-
-
Target
client.bin
-
Size
272KB
-
MD5
a921e37e23819ea074d76087d5ea376f
-
SHA1
31e00dfc39c54f904f53c24566ff0f45a346b7e7
-
SHA256
85d06f34198bea71b2144fc4c0d138d8e4b072312c840b2f62f74717feaeead7
-
SHA512
f414675832a25d3f7a0bd33519e9f8f3709ce06b8115fa7136032f6d827a884d7c0549f148e7e0d2e38e7b63cf92598c858694d99639fc5538de2cdc0c260afc
-
SSDEEP
6144:ZjzAAHQEEoYt/ynA1K7IUriFi3/a972zT:lcAwJ8AEEti3P
-
Quasar family
-
-
-
Target
xRAT 2.exe
-
Size
1.2MB
-
MD5
6d8489e8ef02f1dd5d496bfa3a4ff48f
-
SHA1
d8df172354f75d100db674e52654f35f53129e5e
-
SHA256
63c0c9e03586b36bba16e6cd2f73a71d675f39e9a4c87b09aaa2253cb763c833
-
SHA512
99f3ecbf5b4596f663d7b6bd9bb28e0967de33ebbc08b02272ed4a5fc0ef29bc04cf3a6537ca6e2ec5dc7acba9a0326708e0f09be9c86b827d670e833ee51e40
-
SSDEEP
6144:WhPmJabS3OVcLGRk0EiDsQYGhbcEJks7lOFqKGhIax2WbcGILJPO2JkfTKIf941:y+mk4sQFNl/lcGWBJkA
Score: 1/10