Overview

overview

10

Static

static

10

984802aef7...0N.exe

windows7-x64

10

984802aef7...0N.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    16-07-2024 08:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    984802aef7e8a7d9abc4249419be7de0N.exe

  • Size

    279KB

  • MD5

    984802aef7e8a7d9abc4249419be7de0

  • SHA1

    5014c804ae4c2058cf1e268064c23ed952d2a1d4

  • SHA256

    ebad81bd8eae1bc4c3478847369dacadd968f0091c24d875a7428b91c9634f46

  • SHA512

    51bdcf089020e5d6475372d734eb84328f7f13df4e8029281ed9d73474924fe103027195749a9f445029a970d78cecf39873326b3688653ef72317a6fd8ab79f

  • SSDEEP

    3072:OgZApdYrD28fbJB2yLtyTUbjjxK3QdjrxivW+DXnH4vymbi1Mda+A:O/pe1J0UbXtrxivW+D34v4Mda+

Score
10/10
vanillaratrat

Malware Config

Signatures

  • VanillaRat

    VanillaRat is an advanced remote administration tool coded in C#.

    ratvanillarat
  • Vanilla Rat payload 1 IoCs
    rat

Processes

  • C:\Users\Admin\AppData\Local\Temp\984802aef7e8a7d9abc4249419be7de0N.exe
    "C:\Users\Admin\AppData\Local\Temp\984802aef7e8a7d9abc4249419be7de0N.exe"
    1⤵
      PID:2852

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2852-0-0x000000007490E000-0x000000007490F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2852-1-0x0000000000020000-0x000000000006A000-memory.dmp

      Filesize

      296KB

      Download

    • memory/2852-2-0x0000000074900000-0x0000000074FEE000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/2852-3-0x000000007490E000-0x000000007490F000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2852-4-0x0000000074900000-0x0000000074FEE000-memory.dmp

      Filesize

      6.9MB

      Download