Overview

overview

10

Static

static

42b793620c...b0.exe

windows7-x64

10

42b793620c...b0.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    42b793620ccc9b361fb627bbc381201a16e55b275446cdd466abedb8c99998b0

  • Size

    3.9MB

  • Sample

    221130-va38ksgf34

  • MD5

    0cd38e18027da4fa19ef7e53155b6995

  • SHA1

    d620be0f573e9236f4e20cd8d442af39943059e0

  • SHA256

    42b793620ccc9b361fb627bbc381201a16e55b275446cdd466abedb8c99998b0

  • SHA512

    104c660eca8027b508998d66f925eab992a7e8384eee363b765c36de50beedb12fe2f20ef9784dcb2bcabb98da7163bddbe7f420326447569bedaabfbd5924a6

  • SSDEEP

    98304:i0NB93Q53yuQaxlCiHqORcwxDAoHa126mUsj:i0g3wWzHDc8DAoHSmUs

Score
10/10
darkvncrat

Malware Config

Targets

    • Target

      42b793620ccc9b361fb627bbc381201a16e55b275446cdd466abedb8c99998b0

    • Size

      3.9MB

    • MD5

      0cd38e18027da4fa19ef7e53155b6995

    • SHA1

      d620be0f573e9236f4e20cd8d442af39943059e0

    • SHA256

      42b793620ccc9b361fb627bbc381201a16e55b275446cdd466abedb8c99998b0

    • SHA512

      104c660eca8027b508998d66f925eab992a7e8384eee363b765c36de50beedb12fe2f20ef9784dcb2bcabb98da7163bddbe7f420326447569bedaabfbd5924a6

    • SSDEEP

      98304:i0NB93Q53yuQaxlCiHqORcwxDAoHa126mUsj:i0g3wWzHDc8DAoHSmUs

    Score
    10/10
    darkvncrat

    • DarkVNC

      DarkVNC is a malicious version of the famous VNC software.

      ratdarkvnc

    • DarkVNC payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks