venus | d74758f7cd701f111f3d2188a639abc64ca7b8ffce508024d5cf510626cff9eb

Sharing

Copy URL

Twitter E-mail

General

Target

d74758f7cd701f111f3d2188a639abc64ca7b8ffce508024d5cf510626cff9eb
Size

225KB
MD5

67b1a741e020284593a05bc4b1a3d218
SHA1

401e6815bbc62b092f96e93e9535f09d77aa4522
SHA256

d74758f7cd701f111f3d2188a639abc64ca7b8ffce508024d5cf510626cff9eb
SHA512

fc35cac1f925df0a516b4694658fc31a5fdb41ef8dee2a7d37d194e05ee06ec0f054494872f991ef90b46af7ee9ba0e2bd79a8c9109ca18d556f8b99be76067e
SSDEEP

6144:w4bJmXqQwAhojkJZkYiV50DEruMxgTw7ozFD254W:w4NeqQwAhZb9DOGcopfW

Score

10^/10

venus

Malware Config

Signatures

Venus Ransomware 1 IoCs

resource	yara_rule
sample	family_venus

Venus family
venus

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d74758f7cd701f111f3d2188a639abc64ca7b8ffce508024d5cf510626cff9eb

Files

d74758f7cd701f111f3d2188a639abc64ca7b8ffce508024d5cf510626cff9eb
.exe windows:5 windows x86 arch:x86

bb2600e94092da119ee6acbbd047be43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptStringToBinaryA

comctl32

ord17
InitCommonControlsEx

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

kernel32

Process32FirstW
GetSystemInfo
GetVersionExW
GetModuleHandleA
lstrcpyA
GetProcAddress
ExitProcess
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetVolumeInformationW
GetVolumePathNameW
MulDiv
GetCommandLineW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetFileSize
QueryDosDeviceW
ReadFile
GetTempPathW
CreateMutexW
CreateProcessA
lstrcatA
IsWow64Process
GetModuleFileNameA
GetModuleFileNameW
SetVolumeMountPointW
Process32NextW
ResumeThread
WaitForMultipleObjects
GetComputerNameExW
lstrcmpiW
GetSystemTime
GetWindowsDirectoryW
lstrcatW
GetLastError
Sleep
GetCurrentThreadId
CreateFileW
lstrlenA
WriteFile
lstrlenW
lstrcpyW
CreateThread
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceW
lstrcmpW
GetProcessHeap
CloseHandle
HeapReAlloc
OpenProcess
Wow64DisableWow64FsRedirection
WaitForSingleObject
GetCurrentProcess
VirtualAlloc

user32

DefWindowProcW
GetWindowRect
GetDC
SetWindowPos
MessageBoxW
CreateWindowExW
SendMessageW
EndDialog
GetSystemMetrics
RegisterClassExW
wsprintfA
DispatchMessageW
SetTimer
RegisterHotKey
TranslateMessage
LoadCursorW
GetClientRect
GetDlgItem
PostQuitMessage
wsprintfW
DrawTextW
GetMessageW
ReleaseDC
SystemParametersInfoW
ShowWindow
LoadImageW

gdi32

CreateCompatibleBitmap
BitBlt
CreateFontW
DeleteDC
GetDeviceCaps
SetBkMode
SetTextColor
DeleteObject
GetTextExtentPoint32W
SelectObject
CreateCompatibleDC
CreateDIBSection
SetBkColor

advapi32

RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
SystemFunction036
RegQueryValueExW
RegQueryValueExA
RegCloseKey
AllocateAndInitializeSid

shell32

SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteExW
SHBrowseForFolderW
SHEmptyRecycleBinW

ws2_32

ntohl
inet_ntoa
setsockopt
socket
gethostbyname
WSAStartup
inet_addr
htons
bind
WSACleanup
sendto

iphlpapi

SendARP
GetAdaptersAddresses

netapi32

NetApiBufferFree
NetShareEnum

Sections

.flat
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb2600e94092da119ee6acbbd047be43

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

comctl32

mpr

kernel32

user32

gdi32

advapi32

shell32

ws2_32

iphlpapi

netapi32

Sections

.flat Size: 512B - Virtual size: 333B

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 83KB - Virtual size: 91KB

.rsrc Size: 512B - Virtual size: 488B

.flat
Size: 512B - Virtual size: 333B

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 83KB - Virtual size: 91KB

.rsrc
Size: 512B - Virtual size: 488B