vanillarat | 5457e63322d9eed080807b8fcc91bf1db6b71418f9f56a28a1f77e3de2e9053f | Triage

Submit
Reports

Overview

overview

Static

static

user-PC.exe

windows7-x64

user-PC.exe

android-10-x64

user-PC.exe

macos-10.15-amd64

1

Sharing

General

Target

user-PC.exe
Size

114KB
Sample

230125-flmyeagf5v
MD5

13339515c6424f70fdfcbfa1d5f22cba
SHA1

24947a5af2576155e13b2af69337d645ccd9ccff
SHA256

5457e63322d9eed080807b8fcc91bf1db6b71418f9f56a28a1f77e3de2e9053f
SHA512

f49203cd23e7ee614d1ab89453d29e02e93c0e0814eff27c841b825493ca3842dd88861769df87c9c7df31b568f46eba56f833c0622a7d85556c3bc522740544
SSDEEP

3072:EgZApdYrD28fbJB2yLtyTkbjjxK3QdjrxivW+DXnH4vymbs1j:E/pe1J0kbXtrxivW+D34vq

Score

10^/10

vanillarat android macos persistence rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

user-PC.exe

Resource

win7-20221111-en

vanillarat persistence rat

windows7-x64

8 signatures

1800 seconds

Behavioral task

behavioral2

Sample

user-PC.exe

Resource

android-x64-20220823-en

android-10-x64

0 signatures

1800 seconds

Behavioral task

behavioral3

Sample

user-PC.exe

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

1800 seconds

Malware Config

Targets

- Target
  
  user-PC.exe
- Size
  
  114KB
- MD5
  
  13339515c6424f70fdfcbfa1d5f22cba
- SHA1
  
  24947a5af2576155e13b2af69337d645ccd9ccff
- SHA256
  
  5457e63322d9eed080807b8fcc91bf1db6b71418f9f56a28a1f77e3de2e9053f
- SHA512
  
  f49203cd23e7ee614d1ab89453d29e02e93c0e0814eff27c841b825493ca3842dd88861769df87c9c7df31b568f46eba56f833c0622a7d85556c3bc522740544
- SSDEEP
  
  3072:EgZApdYrD28fbJB2yLtyTkbjjxK3QdjrxivW+DXnH4vymbs1j:E/pe1J0kbXtrxivW+D34vq
Score

10^/10

vanillarat persistence rat
- VanillaRat
  VanillaRat is an advanced remote administration tool coded in C#.
  rat vanillarat
- Vanilla Rat payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vanillaratpersistencerat

behavioral2

behavioral3

© 2018-2024

Terms | Privacy