Dangerous RAT 2020 Cracked by Unknown Venom_protected[.]exe | Triage

Resubmissions

28/05/2023, 12:03

230528-n72yfsfa68 10

28/05/2023, 11:59

230528-n57e6afe2v 10

Sharing

General

Target

Dangerous RAT 2020 Cracked by Unknown Venom_protected.exe
Size

11.4MB
MD5

3fb1988c4da1074f212f9c5f573de291
SHA1

546375441b836339edea0c957b957c3558893654
SHA256

08fdc6bce95b855e1c9daf5fb2dff4511a93af103cb525e53dd4a12b2b3da6ea
SHA512

60f74e514e94808692b778df4b17dc1da2c9d93c30f506bb2894cdf9306a55782bda842f6317f023003d81d7b5555fd0c91bb75b6d28c5398c3dad15e273765e
SSDEEP

196608:9+jCeqJ6gnNOsaslXu5FY33GPbS3RDTqZhqCi3UX0jwgnUuRfMXwWa+Wfji:HUnspeS33GPbShDTApi3UXWBnMgp

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Dangerous RAT 2020 Cracked by Unknown Venom_protected.exe

Files

Dangerous RAT 2020 Cracked by Unknown Venom_protected.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 7.8MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 74KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ