venus | 931cab7fbc0eb2bbc5768f8abdcc029cef76aff98540d9f5214786dccdb6a224 (1)

Sharing

Copy URL

Twitter E-mail

General

Target

931cab7fbc0eb2bbc5768f8abdcc029cef76aff98540d9f5214786dccdb6a224 (1)
Size

225KB
MD5

e75c4033f31862d8e71afe87620e2cce
SHA1

ff5095b2501fd9beee4fbe0f2a17a3151b540476
SHA256

931cab7fbc0eb2bbc5768f8abdcc029cef76aff98540d9f5214786dccdb6a224
SHA512

00210ec5079aa9adbe594b009ec0f6f866295fb4191dc55c4214cb876e88bfc81aa41701dfa7c7b4964363fded98d78d1b0361b78c62a80bea07dad52f7ce5f0
SSDEEP

6144:xQJmXLQwAhWUkJ0kfV50DErCMxgTw7ozFD254W:xeeLQwAi07DKGcopfW

Score

10^/10

venus

Malware Config

Signatures

Venus Ransomware 1 IoCs

Processes:

resource yara_rule

sample family_venus
Venus family
venus

resource	yara_rule
sample	family_venus

Files

931cab7fbc0eb2bbc5768f8abdcc029cef76aff98540d9f5214786dccdb6a224 (1)
.exe windows x86

bb2600e94092da119ee6acbbd047be43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptStringToBinaryA

comctl32

ord17
InitCommonControlsEx

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

kernel32

Process32FirstW
GetSystemInfo
GetVersionExW
GetModuleHandleA
lstrcpyA
GetProcAddress
ExitProcess
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetVolumeInformationW
GetVolumePathNameW
MulDiv
GetCommandLineW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetFileSize
QueryDosDeviceW
ReadFile
GetTempPathW
CreateMutexW
CreateProcessA
lstrcatA
IsWow64Process
GetModuleFileNameA
GetModuleFileNameW
SetVolumeMountPointW
Process32NextW
ResumeThread
WaitForMultipleObjects
GetComputerNameExW
lstrcmpiW
GetSystemTime
GetWindowsDirectoryW
lstrcatW
GetLastError
Sleep
GetCurrentThreadId
CreateFileW
lstrlenA
WriteFile
lstrlenW
lstrcpyW
CreateThread
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceW
lstrcmpW
GetProcessHeap
CloseHandle
HeapReAlloc
OpenProcess
Wow64DisableWow64FsRedirection
WaitForSingleObject
GetCurrentProcess
VirtualAlloc

user32

DefWindowProcW
GetWindowRect
GetDC
SetWindowPos
MessageBoxW
CreateWindowExW
SendMessageW
EndDialog
GetSystemMetrics
RegisterClassExW
wsprintfA
DispatchMessageW
SetTimer
RegisterHotKey
TranslateMessage
LoadCursorW
GetClientRect
GetDlgItem
PostQuitMessage
wsprintfW
DrawTextW
GetMessageW
ReleaseDC
SystemParametersInfoW
ShowWindow
LoadImageW

gdi32

CreateCompatibleBitmap
BitBlt
CreateFontW
DeleteDC
GetDeviceCaps
SetBkMode
SetTextColor
DeleteObject
GetTextExtentPoint32W
SelectObject
CreateCompatibleDC
CreateDIBSection
SetBkColor

advapi32

RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
SystemFunction036
RegQueryValueExW
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid

shell32

SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteExW
SHBrowseForFolderW
SHEmptyRecycleBinW

ws2_32

ntohl
inet_ntoa
setsockopt
socket
gethostbyname
WSAStartup
inet_addr
htons
bind
WSACleanup
sendto

iphlpapi

SendARP
GetAdaptersAddresses

netapi32

NetApiBufferFree
NetShareEnum

Sections

.flat
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb2600e94092da119ee6acbbd047be43

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

comctl32

mpr

kernel32

user32

gdi32

advapi32

shell32

ws2_32

iphlpapi

netapi32

Sections

.flat Size: 512B - Virtual size: 333B

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 83KB - Virtual size: 91KB

.rsrc Size: 512B - Virtual size: 480B

.flat
Size: 512B - Virtual size: 333B

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 83KB - Virtual size: 91KB

.rsrc
Size: 512B - Virtual size: 480B