General

  • Target

    888_RAT.exe

  • Size

    22.0MB

  • MD5

    54c6dc01ba6c748106085665ff8ad61b

  • SHA1

    f75d970df21d277d39656aeff50752d415b47c6e

  • SHA256

    27e3e3350715b83a2a3059c008517e1e97b2531557aaefd3b4cee38f62039b1c

  • SHA512

    9b5498b40de25dc788a728979518e3b6edcc1f0a0444f96bb19c68f91036b552b248d78b5f783ee5247eb7f7bb1272b4e4edf3f2c6650674c16b72593eec7f8d

  • SSDEEP

    393216:AP1PWZEdKBGwPLApMDvm9YL8mp3YsxXUSqqEDPqwTOfxUbEe2pjEgSl7ltlx:qUAKZLEym923Ysx2qeoS1mjr4Pf

Score
10/10
upx


Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable that disables Windows Defender capabilities such as real-time monitoring, block at first sight, etc.

  • AutoIT Executable (2 IoCs)

    AutoIT scripts compiled to PE executables.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (6 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (4 IoCs)

Files

  • 888_RAT.exe
    .exe windows:4 windows x86 arch:x86

    29b61e5a552b3a9bc00953de1c93be41



  • 888_RAT_1.0.9 Cracked by Shark M!nd.exe
    .exe windows:5 windows x86 arch:x86

    eb97e4fc5518ac300a92a11673825e0b



  • majid z hacker website.exe
    .exe windows:4 windows x86 arch:x86

    29b61e5a552b3a9bc00953de1c93be41



  • microsoft corporation.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • program startup.exe
    .exe windows:5 windows x86 arch:x86



  • out.upx
    .exe windows:5 windows x86 arch:x86



  • script.vbs
    .vbs