darkvnc | f4d6fa18bba78d69e878956143665a8f6b489ad5fb5b292507debdc5d3db7008 | Triage

Submit
Reports

Overview

overview

Static

static

3

SecuriteIn...30.exe

windows7-x64

1

SecuriteIn...30.exe

windows10-2004-x64

Sharing

General

Target

SecuriteInfo.com.W32.MSIL_Agent.FSF.gen.Eldorado.16679.16830.exe
Size

12.9MB
Sample

230630-ve5bfafa2x
MD5

9fef7d7554ca2ed502bad3981933528f
SHA1

0e395c5ac3d9d9a6292d76ea17c68ad32324f7da
SHA256

f4d6fa18bba78d69e878956143665a8f6b489ad5fb5b292507debdc5d3db7008
SHA512

785bdc61e5bf52cb84acc2f53b1bcdb48559bd4dfd66f832d2511de7ef0778033138e237790c0e4cfe406512003e8ac3840918366366903a91aa6323ea2ec8d9
SSDEEP

393216:kfyUxSEpVci5KAqTcqxIJGYMkHZ6K/qE:kKuHHcSqxZY16KyE

Score

10^/10

darkvnc rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SecuriteInfo.com.W32.MSIL_Agent.FSF.gen.Eldorado.16679.16830.exe

Resource

win7-20230621-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.W32.MSIL_Agent.FSF.gen.Eldorado.16679.16830.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.W32.MSIL_Agent.FSF.gen.Eldorado.16679.16830.exe
- Size
  
  12.9MB
- MD5
  
  9fef7d7554ca2ed502bad3981933528f
- SHA1
  
  0e395c5ac3d9d9a6292d76ea17c68ad32324f7da
- SHA256
  
  f4d6fa18bba78d69e878956143665a8f6b489ad5fb5b292507debdc5d3db7008
- SHA512
  
  785bdc61e5bf52cb84acc2f53b1bcdb48559bd4dfd66f832d2511de7ef0778033138e237790c0e4cfe406512003e8ac3840918366366903a91aa6323ea2ec8d9
- SSDEEP
  
  393216:kfyUxSEpVci5KAqTcqxIJGYMkHZ6K/qE:kKuHHcSqxZY16KyE
Score

10^/10

darkvnc rat
- DarkVNC
  DarkVNC is a malicious version of the famous VNC software.
  rat darkvnc
- DarkVNC payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy