venus | 99bc5e82135557b8e571b2deab9f297f[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

99bc5e82135557b8e571b2deab9f297f.bin
Size

136KB
MD5

99bc5e82135557b8e571b2deab9f297f
SHA1

ec11f6abf13044a438a7f363bda2c9d5709d2475
SHA256

04d75593f6acdfe0c959345b8d6702166537d7533abfeb4b568339dee1986b5e
SHA512

cffb151124a92bd9a1dca3e12ad4482e1dbdb4ff93099785e02b897c688d0a741a6d28b9ab40bc757e24caee1890ec207287058176547ff2bc48803c8aea7a5c
SSDEEP

3072:d4YLjaoAN6vHt5pmX8Q8QAjD44vcTlYewhp8J1HGjqZfTd3zHZ0DELbT4n:tlmX8QHA0B9Sp+1cmV50DEr4n

Score

10^/10

venus

Malware Config

Signatures

Venus Ransomware 1 IoCs

resource	yara_rule
sample	family_venus

Venus family
venus

Files

99bc5e82135557b8e571b2deab9f297f.bin
.exe windows x86

8a0a6f4b72306b0622a3021bfabc24ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptStringToBinaryA

comctl32

InitCommonControlsEx

wininet

HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetReadFile

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

kernel32

GetSystemInfo
GetVersionExW
GetModuleHandleA
lstrcpyA
GetProcAddress
ExitProcess
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
VirtualFree
lstrlenA
GetVolumePathNameW
GetCommandLineW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetFileSize
QueryDosDeviceW
ReadFile
GetTempPathW
CreateMutexW
CreateProcessA
Process32NextW
IsWow64Process
GetModuleFileNameA
GetModuleFileNameW
SetVolumeMountPointW
Process32FirstW
VirtualAlloc
GetDiskFreeSpaceW
GetVolumeInformationW
WaitForMultipleObjects
lstrcmpiW
GetSystemTime
GetWindowsDirectoryW
lstrcatW
lstrcatA
GetLastError
Sleep
CreateFileW
WriteFile
lstrlenW
lstrcpyW
CreateThread
GetLogicalDriveStringsW
GetDriveTypeW
lstrcmpW
GetProcessHeap
CloseHandle
HeapReAlloc
Wow64DisableWow64FsRedirection
OpenProcess
WaitForSingleObject
GetCurrentProcess
GetComputerNameExW

user32

LoadMenuW
DestroyWindow
GetDC
SetWindowPos
CreateWindowExW
SendMessageW
RegisterClassExW
TrackPopupMenu
GetSubMenu
ShowWindow
DispatchMessageW
SetTimer
GetMessageW
SetLayeredWindowAttributes
TranslateMessage
SetWindowLongW
CheckMenuItem
GetClientRect
PostQuitMessage
RegisterWindowMessageW
SetForegroundWindow
ReleaseDC
GetCursorPos
BeginPaint
GetDesktopWindow
wsprintfW
DefWindowProcW
GetWindowLongW
wsprintfA
DrawTextW
SystemParametersInfoW
DestroyMenu
EndPaint

gdi32

DeleteDC
CreateFontW
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
BitBlt
SetBkColor
SetBkMode
GetStockObject
TextOutW
GetTextExtentPoint32W
DeleteObject
CreateDIBSection
SetTextColor

advapi32

RegQueryValueExW
RegSetValueExW
SystemFunction036
RegCloseKey
RegOpenKeyExW
RegQueryValueExA

shell32

SHBrowseForFolderW
SHEmptyRecycleBinW
SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteExW
Shell_NotifyIconW

ws2_32

ntohl
inet_addr
setsockopt
socket
gethostbyname
sendto
htons
bind
WSACleanup
WSAStartup
inet_ntoa

iphlpapi

SendARP
GetAdaptersAddresses

netapi32

NetApiBufferFree
NetShareEnum

Sections

.flat
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a0a6f4b72306b0622a3021bfabc24ea

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

comctl32

wininet

mpr

kernel32

user32

gdi32

advapi32

shell32

ws2_32

iphlpapi

netapi32

Sections

.flat Size: 512B - Virtual size: 333B

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 2KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 608B

.flat
Size: 512B - Virtual size: 333B

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 2KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 608B