General
-
Target
TeamViewer_Setup.exe
-
Size
470KB
-
Sample
230718-mbc4sahe42
-
MD5
17e792b0bb256533ce3fda3a2c4a093a
-
SHA1
901d60993c45332419f9f8619dec044e2a9fc41a
-
SHA256
4c477e0e78863415e64ce9656ef2d1db0e45e60d02ccd21ad52ae51f637815f1
-
SHA512
e5cea3e26bb612067546e7eb8e21689a98a1c6ff032ff466eface6cee1cb8c547880efe1bc9e2046e121e637e6fa032fb311b1b22aa18d501bfbc15970e448eb
-
SSDEEP
6144:hqly+DJZKBI0FyYeY4eoiJ+sCFv1A4Inlz+:SOyYrZos+xFvIl6
Malware Config
Targets
-
-
Target
TeamViewer_Setup.exe
-
Size
470KB
-
MD5
17e792b0bb256533ce3fda3a2c4a093a
-
SHA1
901d60993c45332419f9f8619dec044e2a9fc41a
-
SHA256
4c477e0e78863415e64ce9656ef2d1db0e45e60d02ccd21ad52ae51f637815f1
-
SHA512
e5cea3e26bb612067546e7eb8e21689a98a1c6ff032ff466eface6cee1cb8c547880efe1bc9e2046e121e637e6fa032fb311b1b22aa18d501bfbc15970e448eb
-
SSDEEP
6144:hqly+DJZKBI0FyYeY4eoiJ+sCFv1A4Inlz+:SOyYrZos+xFvIl6
Score10/10-
UAC bypass
-
VanillaRat
VanillaRat is an advanced remote administration tool coded in C#.
-
Vanilla Rat payload
-
Adds Run key to start application
-
Drops file in System32 directory
-