vanillarat | 3ba0993bd95aa81f72ad13fa9cfb2304f715bebe4a486b688d6b1252e8f67d44 | Triage

Submit
Reports

Overview

overview

Static

static

TeamViewer_Setup.exe

windows7-x64

Sharing

General

Target

TeamViewer_Setup.exe
Size

167KB
Sample

230717-t9nrhade53
MD5

e9b22671e6d12b6e916ba894ac226db6
SHA1

81b6798f8f3168d65a114906dc0613bbedb0a51f
SHA256

3ba0993bd95aa81f72ad13fa9cfb2304f715bebe4a486b688d6b1252e8f67d44
SHA512

7d29251d77cbe813d0d414377e8d09438e3d457b12ed9d03898f7fa5c1a3538ff4407bb962ff033a665244b182c828126c62f5f1917155ce81001f9835208b42
SSDEEP

3072:vJZKnPE2YyJzELtyTFyYeY8lNgoiJ+sX8HFvytbCNIR6kqOJTMMz+:vJZKBI0FyYeY4eoiJ+sCFvRSHbz+

Score

10^/10

vanillarat persistence rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

TeamViewer_Setup.exe

Resource

win7-20230712-en

vanillarat persistence rat

windows7-x64

15 signatures

1200 seconds

Malware Config

Targets

- Target
  
  TeamViewer_Setup.exe
- Size
  
  167KB
- MD5
  
  e9b22671e6d12b6e916ba894ac226db6
- SHA1
  
  81b6798f8f3168d65a114906dc0613bbedb0a51f
- SHA256
  
  3ba0993bd95aa81f72ad13fa9cfb2304f715bebe4a486b688d6b1252e8f67d44
- SHA512
  
  7d29251d77cbe813d0d414377e8d09438e3d457b12ed9d03898f7fa5c1a3538ff4407bb962ff033a665244b182c828126c62f5f1917155ce81001f9835208b42
- SSDEEP
  
  3072:vJZKnPE2YyJzELtyTFyYeY8lNgoiJ+sX8HFvytbCNIR6kqOJTMMz+:vJZKBI0FyYeY4eoiJ+sCFvRSHbz+
Score

10^/10

vanillarat persistence rat
- VanillaRat
  VanillaRat is an advanced remote administration tool coded in C#.
  rat vanillarat
- Vanilla Rat payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

vanillaratpersistencerat

© 2018-2024

Terms | Privacy