Overview
overview
10Static
static
107z.exe
windows10-1703-x64
17z.exe
windows10-2004-x64
1Plugins/Keylogger.exe
windows10-1703-x64
1Plugins/Keylogger.exe
windows10-2004-x64
1VenomRAT_HVNC.exe
windows10-1703-x64
7VenomRAT_HVNC.exe
windows10-2004-x64
10readme.txt
windows10-1703-x64
1readme.txt
windows10-2004-x64
1Analysis
-
max time kernel
30s -
max time network
33s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system -
submitted
28-02-2023 04:33
Behavioral task
behavioral1
Sample
7z.exe
Resource
win10-20230220-en
Behavioral task
behavioral2
Sample
7z.exe
Resource
win10v2004-20230221-en
Behavioral task
behavioral3
Sample
Plugins/Keylogger.exe
Resource
win10-20230220-en
Behavioral task
behavioral4
Sample
Plugins/Keylogger.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral5
Sample
VenomRAT_HVNC.exe
Resource
win10-20230220-en
Behavioral task
behavioral6
Sample
VenomRAT_HVNC.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral7
Sample
readme.txt
Resource
win10-20230220-en
Behavioral task
behavioral8
Sample
readme.txt
Resource
win10v2004-20230220-en
General
-
Target
readme.txt
-
Size
740B
-
MD5
4dc812ec4ed8b9f6b117eebf783d78cc
-
SHA1
4f17b61b3693b3469e61781af895e7e437a6e5ad
-
SHA256
8746b7b6305d3fd5d986fab51e9db647319b5673bb96b7d8082e416ab2508b03
-
SHA512
92c9215d387f0c29147d69d47f4a07ac1f093504eb14e63160838001d179e164c51efe1459a269a396263edf6bc1c4faea206671591ee728b907506f034c7d15
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 4436 NOTEPAD.EXE