darkvnc | cf04fc9db51e68544ae38d93ef517e8fff5c8a4e14d0c1628e7b9bcbf8286e88 | Triage

Submit
Reports

Overview

overview

Static

static

cf04fc9db5...88.exe

windows7_x64

cf04fc9db5...88.exe

windows10-2004_x64

Sharing

General

Target

cf04fc9db51e68544ae38d93ef517e8fff5c8a4e14d0c1628e7b9bcbf8286e88
Size

9.5MB
Sample

220320-cl4z5segd3
MD5

dcb0e76902f912328a7613df7221cfae
SHA1

1814a081ed127351f1cb6ad40e9003ab168508c4
SHA256

cf04fc9db51e68544ae38d93ef517e8fff5c8a4e14d0c1628e7b9bcbf8286e88
SHA512

6367e5546d90ea39432f1a1d1a321206b4b5be31d79ca82f3deea95a94edd25f606e9cc878e5e9dc372efd0338c3f9f071bf5a0268dea667122688263dcf8fda

Score

10^/10

darkvnc rat

Static task

static1

Behavioral task

behavioral1

Sample

cf04fc9db51e68544ae38d93ef517e8fff5c8a4e14d0c1628e7b9bcbf8286e88.exe

Resource

win7-20220311-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cf04fc9db51e68544ae38d93ef517e8fff5c8a4e14d0c1628e7b9bcbf8286e88.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  cf04fc9db51e68544ae38d93ef517e8fff5c8a4e14d0c1628e7b9bcbf8286e88
- Size
  
  9.5MB
- MD5
  
  dcb0e76902f912328a7613df7221cfae
- SHA1
  
  1814a081ed127351f1cb6ad40e9003ab168508c4
- SHA256
  
  cf04fc9db51e68544ae38d93ef517e8fff5c8a4e14d0c1628e7b9bcbf8286e88
- SHA512
  
  6367e5546d90ea39432f1a1d1a321206b4b5be31d79ca82f3deea95a94edd25f606e9cc878e5e9dc372efd0338c3f9f071bf5a0268dea667122688263dcf8fda
Score

10^/10

darkvnc rat
- DarkVNC
  DarkVNC is a malicious version of the famous VNC software.
  rat darkvnc
- DarkVNC Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy