Overview

overview

7

Static

static

3

Force the ....3.dll

windows10-2004-x64

1

Force the ....3.dll

windows11-21h2-x64

1

Force the ...in.dll

windows10-2004-x64

1

Force the ...in.dll

windows11-21h2-x64

1

Force the ...1).exe

windows10-2004-x64

7

Force the ...1).exe

windows11-21h2-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Force_the_Venom.rar

  • Size

    547KB

  • Sample

    240219-t7xxdsgd6s

  • MD5

    c3a7c81a50466de586466955ff0ab956

  • SHA1

    a5b6609027e8b114906cfc9d366f247681dfad9d

  • SHA256

    b458972bfeeb83c9dbc3bcdf304e4e536869e253b78fcf68659cd606b3ad8b68

  • SHA512

    8e413786af91908369ff932c1486797cacf74fbe18c93b2767504e92dd4cdd5ec113b96fbb416aefb34ad2f4a5612462fd9e1b2c791c04adfedb6311c33ef325

  • SSDEEP

    12288:wBwPbnEDPGSFpSTuTEjdTA1bpfQqar64Rj6qkpE3FrLA:UwPbnEDRRAjdTsbpfQ423FrLA

Score
7/10
evasiontrojan

Malware Config

Targets

    • Target

      Force the Venom/Bunifu_UI_v1.5.3.dll

    • Size

      323KB

    • MD5

      e0ef2817ee5a7c8cd1eb837195768bd2

    • SHA1

      426ea1e201c7d3dc3fadce976536edce4cd51bce

    • SHA256

      76e1d3ec95fdef74abaf90392dd6f4aa5e344922abf11e572707287d467f2930

    • SHA512

      5ad95dd7f0e712d543acfe7fd4539695f7e894988c0a2c44231c43e5ee29e743cb1ffe6bdf1fbdbdcfd3aa374f036113bcc6a1befd0114954093520bac47234c

    • SSDEEP

      3072:cF7t/92eSp+nuthzYeSRwwdrmMaXyXL5NQKCZIWD144HcH0CbBxyKfoYA05bC61h:eOthMswV7aXyXLSO4HcHByY35b9DYr

    Score
    1/10
    behavioral1behavioral2

    • Target

      Force the Venom/MaterialSkin.dll

    • Size

      574KB

    • MD5

      dae45e51f8763bd0369a221480db0ee1

    • SHA1

      e52bdbd4e13081a014d03bffaec7d3f0969c8822

    • SHA256

      b9879df15e82c52e9166c71f7b177c57bd4c8289821a65a9d3f5228b3f606b4e

    • SHA512

      660fc090dafd639c57601290be1783a77fc96729bde628a2fb846f2c0a9c8f504f0984c9f6c4b0c4797d29c224320c8fbda0bb09188a10a3170a9e681d91a977

    • SSDEEP

      12288:rkkxswcXKC2zNWfm2YRm5sm2YRm5hkxswcXKC2zNWB:rkZX9uWfm2Yysm2YyhZX9uW

    Score
    1/10
    behavioral3behavioral4

    • Target

      Force the Venom/RobloxPlayerLauncher (1).exe

    • Size

      803KB

    • MD5

      633e9d4955e745e82e6291db8fb743b1

    • SHA1

      940fe8593b3e22b97334574a66f3b1cb15be5cc6

    • SHA256

      ffeeba0ecbe5093bb52d0e037eac8e94f44a68add6c492388e6b7414f2d28588

    • SHA512

      cadc792bd52258f066b61ece83960616bdaa8f43668910e6823c24e8a8ca2daf01a740ce656152d518475f214f34cbeb4aa8a708a3ccd1d53a52a04bef304bfa

    • SSDEEP

      24576:T/dWIGPuNImcNai7Ntmknsa+TCXVET7Hg:T/dUuNI7NaoTmzfTZXHg

    Score
    7/10
    evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks