Overview

overview

10

Static

static

67228849b8...c9.exe

windows7-x64

10

67228849b8...c9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    67228849b80880ab0bd4d4b6c59c15ce97e13d790aed826b7558a888492652c9

  • Size

    542KB

  • Sample

    230129-xm664sbe7w

  • MD5

    ba8a5f2f4ed11ccd9225f2511adab2ae

  • SHA1

    523762dcdc6bcdf606d53236d74ec5a273fcbf12

  • SHA256

    67228849b80880ab0bd4d4b6c59c15ce97e13d790aed826b7558a888492652c9

  • SHA512

    ecb74bd7e52d318c7b0c2568d56dfd2564b3b0cd29125cd4fb71198c0a2c8fbf761d4c2e85ef5f14d9e1b716499308209a15ebd9169ca625d6306569bef5d500

  • SSDEEP

    12288:zWR651v0Rkf6vu9jT98AvNKBZllnEmYDZV7SZ+:z6asRkSEjTOYNKrfEmYDTSQ

Score
10/10
darkvncrat

Malware Config

Targets

    • Target

      67228849b80880ab0bd4d4b6c59c15ce97e13d790aed826b7558a888492652c9

    • Size

      542KB

    • MD5

      ba8a5f2f4ed11ccd9225f2511adab2ae

    • SHA1

      523762dcdc6bcdf606d53236d74ec5a273fcbf12

    • SHA256

      67228849b80880ab0bd4d4b6c59c15ce97e13d790aed826b7558a888492652c9

    • SHA512

      ecb74bd7e52d318c7b0c2568d56dfd2564b3b0cd29125cd4fb71198c0a2c8fbf761d4c2e85ef5f14d9e1b716499308209a15ebd9169ca625d6306569bef5d500

    • SSDEEP

      12288:zWR651v0Rkf6vu9jT98AvNKBZllnEmYDZV7SZ+:z6asRkSEjTOYNKrfEmYDTSQ

    Score
    10/10
    darkvncrat

    • DarkVNC

      DarkVNC is a malicious version of the famous VNC software.

      ratdarkvnc

    • DarkVNC payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks