Overview

overview

10

Static

static

1234ece43a...f1.exe

windows7_x64

10

1234ece43a...f1.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1234ece43aa87d86c894c56e624542f1

  • Size

    406KB

  • Sample

    210703-nd6q4t9rhx

  • MD5

    1234ece43aa87d86c894c56e624542f1

  • SHA1

    269434459fefa03f3953eef1884b346610dd1b94

  • SHA256

    21dbbf625ccd9bf9aae178bf9a5ff84db58aea912166836924b7aa9bbce0443c

  • SHA512

    649475a6b92e0411e6fdd8618fec5835b1f0357f3b8586a3de042dc04261f6251d40d0e1036884ed199af65b1b53c03848214f35cdae1ef47226c80462c44519

Score
10/10
darkvncrat

Malware Config

Targets

    • Target

      1234ece43aa87d86c894c56e624542f1

    • Size

      406KB

    • MD5

      1234ece43aa87d86c894c56e624542f1

    • SHA1

      269434459fefa03f3953eef1884b346610dd1b94

    • SHA256

      21dbbf625ccd9bf9aae178bf9a5ff84db58aea912166836924b7aa9bbce0443c

    • SHA512

      649475a6b92e0411e6fdd8618fec5835b1f0357f3b8586a3de042dc04261f6251d40d0e1036884ed199af65b1b53c03848214f35cdae1ef47226c80462c44519

    Score
    10/10
    darkvncrat

    • DarkVNC

      DarkVNC is a malicious version of the famous VNC software.

      ratdarkvnc

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • DarkVNC Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks