venomrat | 5e74c2b7ac2d1ad593abac2e47d690a083bf96f1566901e58a5f59d221bc9853 | Triage

Submit
Reports

Overview

overview

Static

static

7-Venom.exe

windows7_x64

7-Venom.exe

windows10_x64

Sharing

General

Target

7-Venom.exe
Size

625KB
Sample

200815-v2gsdyzjss
MD5

8e0459ea44e2e136a66683b4bb1b9c66
SHA1

e675cd144db3f6adeef99c1d790caae6df4d2b49
SHA256

5e74c2b7ac2d1ad593abac2e47d690a083bf96f1566901e58a5f59d221bc9853
SHA512

257f134d34a6016295e2807e1ff94afb84e25897ae5dd346a8c17e5e28e9dbc130055d22adadfd1f31776d4d62c055d204f3f1293df9c58da2daa9244e2f5059

Score

10^/10

venomrat evasion rat rootkit stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

7-Venom.exe

Resource

win7

rat rootkit stealer venomrat evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7-Venom.exe

Resource

win10

evasion trojan rat rootkit stealer venomrat

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7-Venom.exe
- Size
  
  625KB
- MD5
  
  8e0459ea44e2e136a66683b4bb1b9c66
- SHA1
  
  e675cd144db3f6adeef99c1d790caae6df4d2b49
- SHA256
  
  5e74c2b7ac2d1ad593abac2e47d690a083bf96f1566901e58a5f59d221bc9853
- SHA512
  
  257f134d34a6016295e2807e1ff94afb84e25897ae5dd346a8c17e5e28e9dbc130055d22adadfd1f31776d4d62c055d204f3f1293df9c58da2daa9244e2f5059
Score

10^/10

rat rootkit stealer venomrat evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- VenomRAT
  VenomRAT is a modified version of QuasarRAT with some added features, such as rootkit and stealer capabilites.
  rat rootkit stealer venomrat
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Modify Existing Service

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Disabling Security Tools

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ratrootkitstealervenomratevasiontrojan

behavioral2

evasiontrojanratrootkitstealervenomrat

© 2018-2024

Terms | Privacy