Static task
static1
General
- Target: Storm_v1.0_RAT.rar
- Size: 121KB
- MD5: 854ee8fcc9e1488635f58710a3fb836e
- SHA1: 070953d6946873951c375b4860a7f7bb2cc81466
- SHA256: 1317abdcd6c6b79d745e5d4178b969edc9da67efcdb20ac92e24177fb884535a
- SHA512: 3b065bb66bed42e0c793253d76f2c8882deab797f2352b8bf7fc1e9dfc51595a81cb738cc5cbd374c0d9c219208e1f136bdc0ad78a806fa9eda9245ba28a9c91
- SSDEEP: 3072:+wA49HmL9c7kge8xGfxhyU+EOC3LhBkU2YNIG3mpHQ:+wA49HEIeUExhyUjOCbhBNNIY
Malware Config
Signatures
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource unpack001/[VB]Storm 1.0/Storm 1.0/COMCTL32.oca
Files
- Storm_v1.0_RAT.rar.rar
- [VB]Storm 1.0/OpenSC.cjb.net
- [VB]Storm 1.0/Storm 1.0/COMCTL32.oca.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 230KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: - Virtual size:
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
- [VB]Storm 1.0/Storm 1.0/Client.vbp
- [VB]Storm 1.0/Storm 1.0/Client.vbw
- [VB]Storm 1.0/Storm 1.0/FORM2.log
- [VB]Storm 1.0/Storm 1.0/Form1.frm.vbs
- [VB]Storm 1.0/Storm 1.0/Form1.frx
- [VB]Storm 1.0/Storm 1.0/Form2.frm
- [VB]Storm 1.0/Storm 1.0/Form2.frx
- [VB]Storm 1.0/Storm 1.0/MSSCCPRJ.SCC
- [VB]Storm 1.0/Storm 1.0/ModAPI.bas.vbs
- [VB]Storm 1.0/Storm 1.0/ModCD.bas
- [VB]Storm 1.0/Storm 1.0/ModChoose.bas.vbs
- [VB]Storm 1.0/Storm 1.0/ModDesktop.bas.vbs
- [VB]Storm 1.0/Storm 1.0/ModGetSysColors.bas
- [VB]Storm 1.0/Storm 1.0/ModKeyLog.bas.vbs
- [VB]Storm 1.0/Storm 1.0/ModMatrix.bas
- [VB]Storm 1.0/Storm 1.0/ModPasswords.bas.vbs
- [VB]Storm 1.0/Storm 1.0/ModPriority.bas
- [VB]Storm 1.0/Storm 1.0/ModRGB.bas
- [VB]Storm 1.0/Storm 1.0/Module1.bas.vbs
- [VB]Storm 1.0/Storm 1.0/Server.vbp
- [VB]Storm 1.0/Storm 1.0/clsGradient.cls.vbs
- [VB]Storm 1.0/Storm 1.0/frmChat.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmColor.frm
- [VB]Storm 1.0/Storm 1.0/frmColorMsg.frm
- [VB]Storm 1.0/Storm 1.0/frmDesktop.frm
- [VB]Storm 1.0/Storm 1.0/frmDrives.frm
- [VB]Storm 1.0/Storm 1.0/frmExtra.frm
- [VB]Storm 1.0/Storm 1.0/frmFile.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmFile.frx
- [VB]Storm 1.0/Storm 1.0/frmFullScreen.frm
- [VB]Storm 1.0/Storm 1.0/frmKeyLog.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmMain.frm
- [VB]Storm 1.0/Storm 1.0/frmMain.frx
- [VB]Storm 1.0/Storm 1.0/frmMain.log
- [VB]Storm 1.0/Storm 1.0/frmMatrix.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmMouse.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmMouse.frx
- [VB]Storm 1.0/Storm 1.0/frmMsg.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmMsg.frx
- [VB]Storm 1.0/Storm 1.0/frmScreenSave.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmScreenSave.frx
- [VB]Storm 1.0/Storm 1.0/frmServerChat.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmSysColor.frm.vbs
- [VB]Storm 1.0/Storm 1.0/frmSysColor.frx