General

  • Target

    VanillaStub.exe

  • Size

    114KB

  • Sample

    240807-r4m7nstamc

  • MD5

    185526401b0a3a083c797cac3598051a

  • SHA1

    a3a4c4fd2b7f07843e0ac8eeb62b2c8871421b4f

  • SHA256

    caba6c8f198ca5ec08ece1687210e756b860c90ecc32b49ef38a1a7d14524abe

  • SHA512

    ea4f5e217be971950a05bd096dd526f40958ed2b92cbc62a21a83d258b665f35b13b32809b9cf4751887c743e1f58aaebecfab5c3b6ac1ed8e5bd968187adf3f

  • SSDEEP

    3072:xgFtDHh9m0xajuYXPiKo3s+DXgHKv8mbIXC0LtyTy:aFRh9mEaKHS+DeKvYSE0

Malware Config

Targets

    • Target

      VanillaStub.exe

    • VanillaRat

      VanillaRat is an advanced remote administration tool coded in C#.

    • Vanilla Rat payload

MITRE ATT&CK Enterprise v15

Tasks