vanillarat | VanillaRat[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

VanillaRat.rar
Size

9.3MB
MD5

a049dc80cb0ce48c4e91ac7d5172a082
SHA1

e45fe95f502072b7ff28e6b3978fc0fd80e58ca1
SHA256

e590d9d061fc38da277121abaf50c5d2432fe4cab8eb4fc347687d04c188f34b
SHA512

0785dc1529f61a5b9af743d24cd5aa836b871dc077cc2ec37b0c66998f79c5fed260e1d4859a43ccb7fc5e0fab0173e64f59f245106325f7e36b6a6bd4a5dfea
SSDEEP

196608:JBl2bbnL8Gw727XWgrz7BrNsMeYg58cvLXthkIYisyqIjRqVTvBKFsOcoN:JB8bbn4umoPgMeb8cLtSIjsyqIEVYFsC

Score

10^/10

rat vanillarat

Malware Config

Signatures

Vanilla Rat payload 1 IoCs

rat

Processes:

resource	yara_rule
static1/unpack001/VanillaRat/Main/VanillaStub.exe	vanillarat

Vanillarat family
vanillarat

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/VanillaRat/Main/VanillaRat.exe
unpack001/VanillaRat/Main/VanillaStub.exe

Files

VanillaRat.rar
.rar
VanillaRat/Handlers/HandlerInstaller.bat
VanillaRat/Main/VanillaRat.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VanillaRat/Main/VanillaStub.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VanillaRat/Main/dnlib.xml
.xml
VanillaRat/Start.bat

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 109KB - Virtual size: 108KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 109KB - Virtual size: 108KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B