Venom RAT + Stealer + HVNC[.]exe | Triage

Sharing

General

Target

Venom RAT + Stealer + HVNC.exe
Size

14.3MB
MD5

d9a91babacaf65923e28841d7995b80c
SHA1

57df4208c6a87ef881cf2021a1ad431a21456248
SHA256

8b5773001a13cd82f47b129c4673c2fdfe9a19852825a72b1231f6333cd22951
SHA512

6e0eb14b2a14d35884dd6d4505ea78d28ae6cee6ec59cabcb9a2499f63539d217196d7afca7b8e299ca8c9b447218f421c5372ebbd0167fbe2d803c68125c6bc
SSDEEP

393216:w2CdPoVETWa1Z4c80Gz/e5Yyb0Pn1a7kIGvZscp1Ae8A:wWIWa1acPGC5Yyb0PnikXZ1p198

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Venom RAT + Stealer + HVNC.exe

Files

Venom RAT + Stealer + HVNC.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14.3MB - Virtual size: 14.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ