Overview

overview

10

Static

static

8b7f63f120...20.exe

windows7_x64

10

8b7f63f120...20.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8b7f63f120e527135f9bb9a3d7621120

  • Size

    408KB

  • Sample

    210718-35871rnqsn

  • MD5

    8b7f63f120e527135f9bb9a3d7621120

  • SHA1

    70c4b402faade6530f0f0e3a8ccc452f1c2773e7

  • SHA256

    47b95432a7ec3c68256b6948f59130459d15230e6e91d77f0baa2e55cb9642f4

  • SHA512

    67f4f0612aac3c7a57f39918ef260496d2e695f5cc3217d4d48661c23c9d2f6a8834c2c7cd965f1564b19eb9a12185a2ce50745d26913cd6ffcd94632410170b

Score
10/10
darkvncrat

Malware Config

Targets

    • Target

      8b7f63f120e527135f9bb9a3d7621120

    • Size

      408KB

    • MD5

      8b7f63f120e527135f9bb9a3d7621120

    • SHA1

      70c4b402faade6530f0f0e3a8ccc452f1c2773e7

    • SHA256

      47b95432a7ec3c68256b6948f59130459d15230e6e91d77f0baa2e55cb9642f4

    • SHA512

      67f4f0612aac3c7a57f39918ef260496d2e695f5cc3217d4d48661c23c9d2f6a8834c2c7cd965f1564b19eb9a12185a2ce50745d26913cd6ffcd94632410170b

    Score
    10/10
    darkvncrat

    • DarkVNC

      DarkVNC is a malicious version of the famous VNC software.

      ratdarkvnc

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • DarkVNC Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks