General

  • Target

    ratremover.exe

  • Size

    7.6MB

  • MD5

    86d3386f1c3741e7bf7c3b49fd54ef4c

  • SHA1

    4c2a7901ea11b96d44831ad473a4fe13fec964c7

  • SHA256

    d71b0488ad6ce4579d90b22ed8921fc837ffc77781de183da7a7a30369db5ed1

  • SHA512

    8467abddee54c2d77bae0c19f06da49eacda544704f9ddef259936d4f0d8150c367ed5d84b15d1fe5b25b2e3397bca26b53164c0fe0674397f44b109224c5368

  • SSDEEP

    196608:NZD+kd2QwfI9jUCBB7m+mKOY7rXrZusooDmhfvsbnTNWR:35gPIHL7HmBYXrYoaUNm

Score
10/10

Malware Config

Signatures

  • A stealer written in Python and packaged with PyInstaller (1 IoC)
  • Blankgrabber family

Files

  • ratremover.exe
    .exe windows:6 windows x64 arch:x64

    72c4e339b7af8ab1ed2eb3821c98713a



  • ٹ?�.pyc