sliver | c4720f08e4a269aab625f99ca5f2fbffc1c149b3ceab8d057cd2bdd7a4fc958d | Triage

Sharing

General

Target

c4720f08e4a269aab625f99ca5f2fbffc1c149b3ceab8d057cd2bdd7a4fc958d
Size

13.1MB
MD5

8193aa4224b38e90525910087e3637dd
SHA1

ee096a7980ae4b170428a94ecfb01eaaac8f8776
SHA256

c4720f08e4a269aab625f99ca5f2fbffc1c149b3ceab8d057cd2bdd7a4fc958d
SHA512

ec65a278ce3d745b9f0abed4ee8ba1fdc9603a65cca743c4f2dcbbce6748543451ed37a6e655b4eb57e81d9d5c94ca7a5c132a25e31596754b715225e7d7eee6
SSDEEP

98304:T3/ST9MpEWZoFKPzAmp8Y2HboWqzgGJkEq8a/HIM0Bn5+JEItRV:b/ShMMKMmp8Y27oWak/8a/HP0Bn5vItP

Score

10^/10

sliver

Malware Config

Signatures

Sliver RAT v2 1 IoCs

resource	yara_rule
sample	SliverRAT_v2

Sliver family
sliver

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4720f08e4a269aab625f99ca5f2fbffc1c149b3ceab8d057cd2bdd7a4fc958d

Files

c4720f08e4a269aab625f99ca5f2fbffc1c149b3ceab8d057cd2bdd7a4fc958d
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 262KB - Virtual size: 703KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ