General
-
Target
VenomRAT + HVNC.rar
-
Size
6.6MB
-
Sample
221013-xbjaxahbf9
-
MD5
61d378ec4f20384a34c3630893927b2c
-
SHA1
6f8de2b603139d9ee91fdaf869d61edf2cab97f1
-
SHA256
526126f4b17a0aec340b45293656487d366297c0549c606372b971f02e921bfd
-
SHA512
7e1dedbbdd8c2204adfdf21b342489414bce9ca92a3b0dae71068b8f115b8ddf487feac3b1fc492e1472a258d8e1a396df3606c463d5e9afe8556d2f3d5e4376
-
SSDEEP
196608:wkz5+bJJDKEzQVA3FBRrOU/1XwbzGECQKTyki/:NY3FBpZXWzGxJT34
Malware Config
Targets
-
-
Target
VenomRAT + HVNC/VenomRAT_HVNC.exe
-
Size
16.5MB
-
MD5
31be8acd11aa5738dd970410adb597da
-
SHA1
cd4d52b884066e1a47fd27b616cfafeb66225cde
-
SHA256
e78a5ee885dc3b170a5e009aaf1a2db565ac1bf729a0c2195ebfe56420717abb
-
SHA512
ee621bf362cd717d9b026f14e5ff1da5f28fbdb5c58dacd3a8da120e5472baaaef22b052a08d51d49b6dae30cf15178b588acd5cb3596c2e0f2ef533e467ba94
-
SSDEEP
393216:Hl9Yl7Elel7ElAlQleTl/l/l/l/l/lzlml/lqlZlHl/l/l/l/l/l/lIlAl+lUl2+:JTXT
-
Async RAT payload
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-