General

Target: Release.rar
Size: 6.6MB
Sample: 221124-j6d3saah78
MD5: 8f351e4f842e44f6eb5971a15c0951b0
SHA1: 65541893f4543f393f8e6af29f16c132459860bd
SHA256: f7e08115aa4fca9ce8dd2795a9ba5c8b8416f0f48a7b87900e160bf7bcbea08f
SHA512: 0bbb319a962a5ebf93acd61bcfac7787607bf1214b3339ae1ac2776c9475d2c0719e54c2eb35477c28bf16a25213194ddf935f31619097b22b0413d1a68991f5
SSDEEP: 196608:iKFim8lh+N0852wkz5qxm9vBEqUJrXu/cTEaHN:vFim8lh+r52NqQtG1u/cHHN

Malware Config

Targets

Target: VenomRAT_HVNC.exe
Size: 16.5MB
MD5: 31be8acd11aa5738dd970410adb597da
SHA1: cd4d52b884066e1a47fd27b616cfafeb66225cde
SHA256: e78a5ee885dc3b170a5e009aaf1a2db565ac1bf729a0c2195ebfe56420717abb
SHA512: ee621bf362cd717d9b026f14e5ff1da5f28fbdb5c58dacd3a8da120e5472baaaef22b052a08d51d49b6dae30cf15178b588acd5cb3596c2e0f2ef533e467ba94
SSDEEP: 393216:Hl9Yl7Elel7ElAlQleTl/l/l/l/l/lzlml/lqlZlHl/l/l/l/l/l/lIlAl+lUl2+:JTXT

Async RAT payload

Loads dropped DLL

Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.