General

  • Target

    Darkvision.zip

  • Size

    4.1MB

  • MD5

    b8fa46b69bef8babb5afdd8c392178fe

  • SHA1

    66615845a27abce51813256044cc3a5ff2b4b099

  • SHA256

    56e6aa07662da98b71775b7be71d0addf272e209f59fb139fb470f1ce51ee0c4

  • SHA512

    81569ce4aaf47eb86ee509ff9870609067f7669e7ce74db255a878cf67a02c0b7b01e1f3680f65621d0cf3024d5ae214b065747a0795fcf61dbc2b6c8cdb41b9

  • SSDEEP

    98304:tLvcekAMSaakWyH28bCxWZgqDHxelFsDY2P6gko9wwXhEC:JmAM7lHbCxWe5sDYkNkoqO

Score
3/10

Malware Config

Signatures

  • Unsigned PE (41 IoCs)

    Checks for missing Authenticode signature.

Files

  • Darkvision.zip
    .zip
  • DarkVision Rat/DARKVISION.exe
    .exe windows:5 windows x86 arch:x86

    64b234f88ec74366b22a798d0b02b24a



  • DarkVision Rat/DROPPERPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    c61c8f15ab1ada85d3af8cef4761e8da



  • DarkVision Rat/DROPPERPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    6aa0ffc8bf7520e9f92e49061aacc9ce



  • DarkVision Rat/FILEPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    2603ac6185cae5a9d11c4b1760edd513



  • DarkVision Rat/FILEPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    b7135b928b0b41a17d135afba310f435



  • DarkVision Rat/HVNCPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    7429f35c51464226a056431cc232f2e0



  • DarkVision Rat/HVNCPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    42aaa46f2a42e0245dedb9ecb302fdfb



  • DarkVision Rat/KILLSWITCHPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    2e68d440da524cd907f6a4ad2f227ad3



  • DarkVision Rat/KILLSWITCHPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    b3665936bf969fa267ff52933902f29e



  • DarkVision Rat/LIVEKEYLOGGERPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    aab3f306267063cc1f3de9f102df14e9



  • DarkVision Rat/LIVEKEYLOGGERPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    2f1b93fd8732d11b51b708045d39f3f3



  • DarkVision Rat/MEMORYDUMPPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    858b02bab6881eff3e13cdb9fdab12e9



  • DarkVision Rat/MEMORYDUMPPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    ad71a68ad83070970fb137e3269ee9c0



  • DarkVision Rat/MESSAGEPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    e8d4e5bc10a2da224711b1f86c0a54c3



  • DarkVision Rat/MESSAGEPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    5a1b789ee6f22749a684205b58b6f886



  • DarkVision Rat/MICROPHONECAPTUREPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    b357f8b780591f5c327481df1ac3106b



  • DarkVision Rat/MICROPHONECAPTUREPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    f5e33d84132dd5a50f1ed1a41fcfe029



  • DarkVision Rat/OFFLINEKEYLOGGERPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    5b857cdfcd6baced0ff98d4edf8a6a9a



  • DarkVision Rat/OFFLINEKEYLOGGERPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    ef33a010507e0c3b2c51175489933373



  • DarkVision Rat/PASSWORDRECOVERYPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    398bfe2e8a3b16b83ac0c66c2a8c158f



  • DarkVision Rat/PASSWORDRECOVERYPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    02ef1a298451701d52875dc9662f0833



  • DarkVision Rat/PROCESSPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    87cbae09dca61793400c76c4a2d1b2ce



  • DarkVision Rat/PROCESSPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    c25b69b8def9a74146d4672cd490608d



  • DarkVision Rat/REGISTRYPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    622c98c3366578f56c5dae12a50c308f



  • DarkVision Rat/REGISTRYPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    ac5f835f720b362937d20d907e20cdfd



  • DarkVision Rat/REMOTESHELLPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    282fc7a11c37706ecf10825ce70fef52



  • DarkVision Rat/REMOTESHELLPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    4c4301e6322f2946de8ec9240e9786f3



  • DarkVision Rat/SCREENCAPTUREPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    583506e5e7e518b2e9c9952d61a41040



  • DarkVision Rat/SCREENCAPTUREPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    88da1eb545a0568839384f466efda85d



  • DarkVision Rat/SOCKSRELAYPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    d15d5bde26e984feb9bef91830130140



  • DarkVision Rat/SOCKSRELAYPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    7b1538194556fc969f62012036c99248



  • DarkVision Rat/SYSTEMCONTROLPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    e3c2a95ef165b045f3902143afb5d50f



  • DarkVision Rat/SYSTEMCONTROLPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    40ed67ed94b502e3df428248aca6e97d



  • DarkVision Rat/VNCPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    48b02c29a241c40915ae85639a6c867b



  • DarkVision Rat/VNCPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    93091bd6b315205bbc533727a353bc36



  • DarkVision Rat/WALLPAPERPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    d5f01c411703c156a030e8f04647e662



  • DarkVision Rat/WALLPAPERPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    792271e5aa0ae8209513ddd0ca17980f



  • DarkVision Rat/WEBCAMPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    c1cd7530c9a548c383f53a7737253aba



  • DarkVision Rat/WEBCAMPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    43cabba3a2348d08457152f2d424f8d6



  • DarkVision Rat/WINDOWPLUGIN32.DLL
    .dll windows:5 windows x86 arch:x86

    5f312beccb4c144aad8cabdef237f461



  • DarkVision Rat/WINDOWPLUGIN64.DLL
    .dll windows:5 windows x64 arch:x64

    23b040dec8b2f3289ea5382d4d503425



  • DarkVision Rat/{9B0AF4E7-83D4-4AF8-83EC-9EFAF0769048}