Overview

overview

10

Static

static

idu9A98.exe

windows7_x64

10

idu9A98.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    idu9A98.exe

  • Size

    2.0MB

  • Sample

    210629-y2vbt41hf6

  • MD5

    16493223940cd99199a672e44dec05d6

  • SHA1

    ffcde3a96670552d239d547b4c3f44aa77c0fdb7

  • SHA256

    7b844cc75f594f536f486b137817a497407b689725ab45c7904444e82374d4ac

  • SHA512

    5363e507a8d1456dc11747f86cf66113cd85da2d2bd00524b15df24fdeac9f8f1f756c790bcaf9f901c644e4083607185a303c505040115cf0d2b196d6aa4707

Score
10/10
darkvncrat

Malware Config

Targets

    • Target

      idu9A98.exe

    • Size

      2.0MB

    • MD5

      16493223940cd99199a672e44dec05d6

    • SHA1

      ffcde3a96670552d239d547b4c3f44aa77c0fdb7

    • SHA256

      7b844cc75f594f536f486b137817a497407b689725ab45c7904444e82374d4ac

    • SHA512

      5363e507a8d1456dc11747f86cf66113cd85da2d2bd00524b15df24fdeac9f8f1f756c790bcaf9f901c644e4083607185a303c505040115cf0d2b196d6aa4707

    Score
    10/10
    darkvncrat

    • DarkVNC

      DarkVNC is a malicious version of the famous VNC software.

      ratdarkvnc

    • DarkVNC Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks