silverrat

General

Target

Silver Rat [Re Lab].7z
Size

10.6MB
Sample

250116-25f5vstlbt
MD5

f06813aa321c43a69a04904cfa735a44
SHA1

820a0f9f4c00af6ce2583218019ad14a5c5592e2
SHA256

a384bad25740a4b783eaadd6ade53d96e878e1313c34321ddfb23149fbf6366d
SHA512

72551e22ba2db4759ad905f92f407f7e8266e363aa8627a56d8bcaea83a69a96466269358a034e626581f24c2417fa98bb0bb57472f96c2ea39b2708edaa5bb8
SSDEEP

196608:vGbH8yKZWDv2mzFaZ9+j0PlI6obvU/Y0NK6HLlzcurSGBZ+pbJ:vGTiMLNaLIulI6z/YGJHp76P

Score

10^/10

Malware Config

Extracted

Family

silverrat

Version

1.0.0.0

C2

127.0.0.1:9999

Mutex

lAxDBRhAFu

Attributes

certificate
MIIE4DCCAsigAwIBAgIQAKQYOfZd86J2BfNjhG4CWTANBgkqhkiG9w0BAQ0FADARMQ8wDQYDVQQDDAZTaWx2ZXIwIBcNMjIwODI2MTkwMTA4WhgPOTk5OTEyMzEyMzU5NTlaMBExDzANBgNVBAMMBlNpbHZlcjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPbpOWfhZTuOfEaqqImTTe5dNHAAry7/mf00DCoI4lPZfypsc1tYraxSPFeayGu09a3qdhkWKSVIgwnu2n4GLQNOCY9fh/1oyrX4Iir3BIkYeU7pKTWgjhUlAmFAUAaNr0ca23Ku2kN79jrDzRznOgE2DEW4p7OiM4Mb097ma9lzu7MyssHbY4VCteAhj9HZiplqBxaC1vXDmzxqG+gUZ1aLcyG7ssdkOjtWVBgT3gD/gOl7KchRzCFB1egDC/vD9WZCG35U3Ngi+IkTznoXR1R06cq4v0UnGjE37R2vcB21qb0ZYNiZJXZHv5i9+R7xoPeNoLda5PqnfGGbhPvNEdD56mdcOKlzGIuyemLkUo8texdpiBWKbtc3JZf5VsKxjJtHDK3xW6gDGI+PAirzGkFPmwcf8WgsblvzLg8OZpVxVs8rmKWoi6qIrf4CXnyl73J4lgzW+ir7PjANAQXwLNGdNnvdMeLeo/muGQPdeNpr6OczGGnkWA4qniHeL51/Gx0a8A+jP9zKiyu+qHcsP2IotgWDH/KlzJVr7IAum+DV92uV8poTDcUNcHaKvhHA65KmEtsvLbK6lFZcAMC0eWC0VgpW44T1/16rOaaky5mP6rTMc3nSyOl/lU/XgAgGGQPe22bRLWYzd3WVeEpI1WnHYXS+tL9IOe4kJP+pYsWDAgMBAAGjMjAwMB0GA1UdDgQWBBR32TJj2LeUx9L+RcSOvmFV6VJq6TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBDQUAA4ICAQA+qucSOi7ov7Q1FmAjMf925KuvKuCNwJiu3Sqo3FDGVAD1fAwAi2FdyuXEO2VIUPZCkalFcBna5rqyrc6tcS4T0IL2TsYLrsuGir7PWP7CAcft1urYS1HpNpHxeH/nixwnQaQs/MuRmdm2TeCj6G21P5BTW55U5y9sMPSYwhbD2N7XLgnSQd5Y+80TR7FUiye/k3D37fI9PRhSQGbfYFRQQTmxj84dPTnY5CVgaY9d8fNiFZkyjaZdf+mibK0xQTf+xLVVj+toDNCkc1F462TdmFhCrHd4PoMo0yLDNv4SC6NLRq4haWDRtORw6gd5GYIoCQ3m3oQvNlNxXhhIjsOyxkxOrkCD0c+57PIc7EmKXieJa/XxnkcIVxO8dvTY/vijuz/VaZYl/lPu9ckuqgJ1wRvvsHl70Trv4Mn4X5uCIqRFFlK/mSOZbLIguGkDN3QIZABvej89vlZMhrVfZOG2oawe23FskHjv7thF/WzOXtWw6RUVC1V+hCwbuxFNUjZmmOTUwdXHnus7I2AuiG6Jz1+y9aYiXBcVTdSljxjHRRmiRaAnY94h58vN8NJ4hKL2GVCo6LxkpuplmcntJN0cKraKTPxSXcCRrqWxX9qoIbfvBcUU4vH1jPJCCLNCuDyD3lgQkpPVvq0EMU1a2HFGgMEQMjpYpb38rcadDhT5ag==
decrypted_key
-|S.S.S|-
key
yy6zDjAUmbB09pKvo5Hhug==
key_x509
bExTREtiUkFJU1VBQkZDcGhFYUlERXlETVVqeVlh
reconnect_delay
4
server_signature
X2bGaIX2LYniQHNuiZ/GDWH2WAPjo6JBlPdruTKo3wAPBEJ7c9p52YHgJUPnAr1f4g/5wuBOuJAiDhcjiBvp5/YjOCvb25I5GR9CYPw/Q1d24lBPVX0Vx4Ns5U7DP1DDLt1jeKUfZ5M7hTyIyBocDPCrfCaQ36utR7TqCeZvKx6q4gZCAa8RJyd7btBmjmL6lbU2cCa5VGVcIXrWbyc8+86XnvZH6f+cL/eckLafy6FT0dtw50+V2DpmJf7hw5arvTY/5+VHgUEXS8txTp0s7TC+BaiRSCVAvxZv5FCzkUSAq1dHk201/ITPw1i3YpIWmKgm9OPw0kbpexyuuYZtH56J73wUtjSXeNJivwl82bDDJMXgaIQZy/fLcSXOMHyPzDeUQkioTmDc8yobDLs8Agdd/EVPvGqZ3ccRA/3TPRNwNscM34hUwwkmR3qU9jbXra//N63KmpBuaTgGn6Hq4NCx3y2f4BFg+WIcI4KkKtZT9KNyVNxqp5UBETfmlg4w3OKf++K27s5g+oBAyKz2GwIidbI5sn/s8I7I9nCCTxVa68bWRTrWYWCeWYO/ba4D2N6eEYqUpEeFVZsagYqy8B2psIHwDdSiOXeew2JtkNSM4qZFi7qD/NT07niJyjbwUe2c6RjZn1LMhhVxsZqWbNqouBRLuihU+J5o1O506jw=

Targets

- Target
  
  Silver Rat [Re Lab].7z
- Size
  
  10.6MB
- MD5
  
  f06813aa321c43a69a04904cfa735a44
- SHA1
  
  820a0f9f4c00af6ce2583218019ad14a5c5592e2
- SHA256
  
  a384bad25740a4b783eaadd6ade53d96e878e1313c34321ddfb23149fbf6366d
- SHA512
  
  72551e22ba2db4759ad905f92f407f7e8266e363aa8627a56d8bcaea83a69a96466269358a034e626581f24c2417fa98bb0bb57472f96c2ea39b2708edaa5bb8
- SSDEEP
  
  196608:vGbH8yKZWDv2mzFaZ9+j0PlI6obvU/Y0NK6HLlzcurSGBZ+pbJ:vGTiMLNaLIulI6z/YGJHp76P
Score

10^/10

silverrat agilenet discovery trojan
- SilverRat
  SilverRat is trojan written in C#.
  trojan silverrat
- Silverrat family
  silverrat
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral1 behavioral2