venomrat | e7c7218f452fbb36eda2c2d8819c47ff8be794670ab045066aa5005736b26914 | Triage

Submit
Reports

Overview

overview

Static

static

e7c7218f45...14.exe

windows7-x64

e7c7218f45...14.exe

windows10-2004-x64

Sharing

General

Target

e7c7218f452fbb36eda2c2d8819c47ff8be794670ab045066aa5005736b26914
Size

65KB
Sample

240818-xsh2gasepm
MD5

7944ef9a098c7838faf559a6fecafbe4
SHA1

fadc357196af67a8cf979468374d922d8c93ed60
SHA256

e7c7218f452fbb36eda2c2d8819c47ff8be794670ab045066aa5005736b26914
SHA512

83fd910bf739115bd00161449b31ce6f227d2a6f95a5add21e011f893a052dfd58fade15a8305222464e2b3032200b20e236a9930852dfbb2a6856745ae7f1d8
SSDEEP

1536:VvNtGcoIHp0z2/a4f3fggFZNSbFN6ps7LuIXLVclN:VvqcoIHiz8aw3IcZNSbFl7LuIXBY

Score

10^/10

venomrat rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

e7c7218f452fbb36eda2c2d8819c47ff8be794670ab045066aa5005736b26914.exe

Resource

win7-20240705-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

e7c7218f452fbb36eda2c2d8819c47ff8be794670ab045066aa5005736b26914.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  e7c7218f452fbb36eda2c2d8819c47ff8be794670ab045066aa5005736b26914
- Size
  
  65KB
- MD5
  
  7944ef9a098c7838faf559a6fecafbe4
- SHA1
  
  fadc357196af67a8cf979468374d922d8c93ed60
- SHA256
  
  e7c7218f452fbb36eda2c2d8819c47ff8be794670ab045066aa5005736b26914
- SHA512
  
  83fd910bf739115bd00161449b31ce6f227d2a6f95a5add21e011f893a052dfd58fade15a8305222464e2b3032200b20e236a9930852dfbb2a6856745ae7f1d8
- SSDEEP
  
  1536:VvNtGcoIHp0z2/a4f3fggFZNSbFN6ps7LuIXLVclN:VvqcoIHiz8aw3IcZNSbFl7LuIXBY
Score

10^/10

rat
- VenomRAT
  Detects VenomRAT.
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy