Overview

overview

10

Static

static

no_startup...28.exe

windows7_x64

10

no_startup...28.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    no_startup_upd_2021-08-09_05-28.exe

  • Size

    448KB

  • Sample

    210809-4gfhbs7qb2

  • MD5

    2d0b8663c370b76694a77d6ce5f3897c

  • SHA1

    f803c6a204231bf80b8ee47912c43d597dbfda8f

  • SHA256

    bfec5909532fa13fa9e1a2ef05a6d053c44a6aae7f75715bd6f8b0c6264e7330

  • SHA512

    837d15e30285cdc0b8935bb1f72d06e2c9cd96423dffd81586ed692d27a432496c9da8413c8f356a9be02cb53f9fddd967f724f17799169baf0465ddce49388d

Score
10/10
darkvncrat

Malware Config

Targets

    • Target

      no_startup_upd_2021-08-09_05-28.exe

    • Size

      448KB

    • MD5

      2d0b8663c370b76694a77d6ce5f3897c

    • SHA1

      f803c6a204231bf80b8ee47912c43d597dbfda8f

    • SHA256

      bfec5909532fa13fa9e1a2ef05a6d053c44a6aae7f75715bd6f8b0c6264e7330

    • SHA512

      837d15e30285cdc0b8935bb1f72d06e2c9cd96423dffd81586ed692d27a432496c9da8413c8f356a9be02cb53f9fddd967f724f17799169baf0465ddce49388d

    Score
    10/10
    darkvncrat

    • DarkVNC

      DarkVNC is a malicious version of the famous VNC software.

      ratdarkvnc

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • DarkVNC Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks