Overview

overview

10

Static

static

10

some.exe

windows7-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    some.exe

  • Size

    114KB

  • Sample

    230709-sszl1adg52

  • MD5

    73087e68a230fde5c9d76f9c13f585d2

  • SHA1

    14d0d852e6bc61df0a0880dc8dab21cfba7b1a89

  • SHA256

    d6e626a9d886d492459872d1e82a172ba0dc3cb788180c20c3d7fd5c02e4635a

  • SHA512

    c62adaa2b2f64b8abf0f24bd282a0ea88ee68bab434ecadb242dfa0ce066ae83df68e92938af77fe0a2ac4765d9091dfb6c268783a17d8523eb289d61f81f82d

  • SSDEEP

    3072:IJZKnPE2YyJzELtyTtyYeY8lNgoiJ+sX8HFvytbUNk:IJZKBI0tyYeY4eoiJ+sCFvj

Score
10/10
vanillaratrat

Malware Config

Targets

    • Target

      some.exe

    • Size

      114KB

    • MD5

      73087e68a230fde5c9d76f9c13f585d2

    • SHA1

      14d0d852e6bc61df0a0880dc8dab21cfba7b1a89

    • SHA256

      d6e626a9d886d492459872d1e82a172ba0dc3cb788180c20c3d7fd5c02e4635a

    • SHA512

      c62adaa2b2f64b8abf0f24bd282a0ea88ee68bab434ecadb242dfa0ce066ae83df68e92938af77fe0a2ac4765d9091dfb6c268783a17d8523eb289d61f81f82d

    • SSDEEP

      3072:IJZKnPE2YyJzELtyTtyYeY8lNgoiJ+sX8HFvytbUNk:IJZKBI0tyYeY4eoiJ+sCFvj

    Score
    10/10
    vanillaratrat

    • VanillaRat

      VanillaRat is an advanced remote administration tool coded in C#.

      ratvanillarat

    • Vanilla Rat payload

      rat

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks