xworm | VenomRat-Remote+HVNC[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

VenomRat-R...NC.exe

windows7-x64

VenomRat-R...NC.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

VenomRat-Remote+HVNC.exe

Resource

win7-20230220-en

xworm persistence rat trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

VenomRat-Remote+HVNC.exe

Resource

win10v2004-20230220-en

xworm persistence ransomware rat trojan

windows10-2004-x64

20 signatures

150 seconds

General

Target

VenomRat-Remote+HVNC.exe
Size

70KB
MD5

1ff7c9e2ec0d232ec66f0f69a9c6e773
SHA1

74de62d6d0d8382483f73d5a68155a23ea556a26
SHA256

4ad8b8a961edd0de5f4631bfe3152a1e06d109f391435d16c683e1821b446e1f
SHA512

4d2afc4137a6991c63fdfa85cbdad015199c20a9d56e6acc927268fe8b4f27d90e3381247ba4dd4ff809488b523191d61fd50dc4199222be5e5aa6b695d7a025
SSDEEP

1536:hn03OKs/mKtszHW7y8WbpIt/2jlFJo2fOyI2b33:h03jO0W7QbpI10lzoQOyIc3

Score

10^/10

xworm

Malware Config

Extracted

Family

xworm

C2

180.ip.ply.gg:8840

Signatures

Xworm family
xworm

Files

VenomRat-Remote+HVNC.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy