vanillarat | f05a9ea1aa0a3f710c58366adf8c58ee9525537cbf2f621f753bd4a1ff5db8f3 | Triage

Submit
Reports

Overview

overview

Static

static

3

f05a9ea1aa...f3.exe

windows7-x64

f05a9ea1aa...f3.exe

windows10-2004-x64

Sharing

General

Target

f05a9ea1aa0a3f710c58366adf8c58ee9525537cbf2f621f753bd4a1ff5db8f3
Size

262KB
Sample

240810-q22fvasakq
MD5

bbcc8d6a95a55db7ca0d7c13c4001cc1
SHA1

b78619aa278f8b509bcae75743bf57a178d954f5
SHA256

f05a9ea1aa0a3f710c58366adf8c58ee9525537cbf2f621f753bd4a1ff5db8f3
SHA512

f1848a40e65cc321ce0bac526a81afde701816d82bad5299bb866a3915b5b77b0bb69863a8efbb3ec9eff8574bc33fa4de0e797cffc9f24720e15b43d29084a3
SSDEEP

3072:/M34HhBc6OoSt96DWV2Uy+fmT/xzgA8MOoovdXXRRv2psoXWb9ZDGL4lXslzlq:/04HhBc6OXt96DWVvyjTFNwxXcUo

Score

10^/10

vanillarat discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f05a9ea1aa0a3f710c58366adf8c58ee9525537cbf2f621f753bd4a1ff5db8f3.exe

Resource

win7-20240705-en

vanillarat discovery rat

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f05a9ea1aa0a3f710c58366adf8c58ee9525537cbf2f621f753bd4a1ff5db8f3.exe

Resource

win10v2004-20240802-en

vanillarat discovery rat

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  f05a9ea1aa0a3f710c58366adf8c58ee9525537cbf2f621f753bd4a1ff5db8f3
- Size
  
  262KB
- MD5
  
  bbcc8d6a95a55db7ca0d7c13c4001cc1
- SHA1
  
  b78619aa278f8b509bcae75743bf57a178d954f5
- SHA256
  
  f05a9ea1aa0a3f710c58366adf8c58ee9525537cbf2f621f753bd4a1ff5db8f3
- SHA512
  
  f1848a40e65cc321ce0bac526a81afde701816d82bad5299bb866a3915b5b77b0bb69863a8efbb3ec9eff8574bc33fa4de0e797cffc9f24720e15b43d29084a3
- SSDEEP
  
  3072:/M34HhBc6OoSt96DWV2Uy+fmT/xzgA8MOoovdXXRRv2psoXWb9ZDGL4lXslzlq:/04HhBc6OXt96DWVvyjTFNwxXcUo
Score

10^/10

vanillarat discovery rat
- VanillaRat
  VanillaRat is an advanced remote administration tool coded in C#.
  rat vanillarat
- Vanilla Rat payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vanillaratdiscoveryrat

behavioral2

vanillaratdiscoveryrat

© 2018-2024

Terms | Privacy