Analysis
-
max time kernel
147s -
max time network
135s -
platform
windows10_x64 -
resource
win10v20210410 -
submitted
29-06-2021 06:19
General
-
Target
2cb7320819f358b11ee7187ce04909d13edeedbbd106fb7a0d32bc594ed5f097.exe
-
Size
534KB
-
MD5
1e4df0eb1af664a6a5565f7c1d8d03c5
-
SHA1
1334395725da44185b583b848de3a34d7a35ddc9
-
SHA256
2cb7320819f358b11ee7187ce04909d13edeedbbd106fb7a0d32bc594ed5f097
-
SHA512
e7845c88993974310626c9d126f92849e59529e7107c775a6536736b022992f8e1b581db323a75f7040ba4219da669f2fa899fa38cc14bcb0e4ab0ca1bbe9a73
Score
10/10
Malware Config
Signatures
-
VenomRAT
VenomRAT is a modified version of QuasarRAT with some added features, such as rootkit and stealer capabilites.
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2cb7320819f358b11ee7187ce04909d13edeedbbd106fb7a0d32bc594ed5f097.exe"C:\Users\Admin\AppData\Local\Temp\2cb7320819f358b11ee7187ce04909d13edeedbbd106fb7a0d32bc594ed5f097.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
5.0MB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB