Resubmissions

16/04/2025, 14:22

250416-rpjwpsssbz 10

26/12/2023, 16:43

231226-t8dvxaebf6 8

11/10/2023, 19:28

231011-x6qcpsae37 8

General

  • Target

    decodedfile.zip

  • Size

    333KB

  • MD5

    526a0b2d142567d8078e24ab0758fad7

  • SHA1

    142a574251873d9be9432efdd5de2ebb763fe571

  • SHA256

    f6edcd66b7c14920bc0f820eaf537bf5ee101c91b618ea3fbbb1b8978a40a775

  • SHA512

    cc17d389831bee2521c1d0dcb2391f8055e8b3d3d8df2938f10915182fef102177abbe8c5c0db05b8acaa7c4b346efc26a79cb168862ee1f45431e0880072c2b

  • SSDEEP

    6144:4DVSfzsr62de98PA9+ZXfJm0apajufe12ZxLJ6oQxN0tRiE9pXEJ:5zsVQ9CRZXf4aufe1gJ6oQI0EDa

Score
10/10

Malware Config

Extracted

Family

janelarat

C2

Signatures

  • Janelarat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • decodedfile.zip
    .zip
  • VCRUNTIME140.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • opdrde.exe
    .exe windows:6 windows x86 arch:x86

    802de8bbcce52328aa7a939de392df62

