46c17ffefbfcaa044cbbcbb33d6219da84538c22a51e53bff647c87da33a0bd9 | Triage

Submit
Reports

Overview

overview

Static

static

VenomRAT v...nt.exe

windows7-x64

VenomRAT v...nt.exe

windows10-2004-x64

VenomRAT v...er.exe

windows7-x64

1

VenomRAT v...er.exe

windows10-2004-x64

1

VenomRAT v...er.exe

windows7-x64

1

VenomRAT v...er.exe

windows10-2004-x64

1

VenomRAT v...er.exe

windows7-x64

1

VenomRAT v...er.exe

windows10-2004-x64

1

VenomRAT v...nc.exe

windows7-x64

1

VenomRAT v...nc.exe

windows10-2004-x64

1

VenomRAT v...ny.exe

windows7-x64

VenomRAT v...ny.exe

windows10-2004-x64

VenomRAT v...64.exe

windows7-x64

VenomRAT v...64.exe

windows10-2004-x64

VenomRAT v...er.exe

windows7-x64

VenomRAT v...er.exe

windows10-2004-x64

Analysis

max time kernel
141s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-11-2024 16:14

Sharing

Static task

static1

rat default asyncrat stormkitty

5 signatures

Behavioral task

behavioral1

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Client.exe

Resource

win7-20240903-en

asyncrat default rat

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Client.exe

Resource

win10v2004-20241007-en

asyncrat default rat

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/DevExpress.WinRTPresenter.Launcher.exe

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/DevExpress.WinRTPresenter.Launcher.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Keylogger.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Keylogger.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Plugins/Keylogger.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Plugins/Keylogger.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Plugins/hvnc.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Plugins/hvnc.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Stub/ClientAny.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral12

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Stub/ClientAny.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Stub/Clientx64.exe

Resource

win7-20240708-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral14

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Stub/Clientx64.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Venom RAT + HVNC + Stealer + Grabber.exe

Resource

win7-20241010-en

asyncrat default discovery rat

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral16

Sample

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Venom RAT + HVNC + Stealer + Grabber.exe

Resource

win10v2004-20241007-en

asyncrat default discovery evasion execution rat trojan

windows10-2004-x64

20 signatures

150 seconds

Report Analysis Logs

General

Target

VenomRAT v6.0.3 (+SOURCE)/VenomRAT v6.0.3 (SOURCE)/Plugins/hvnc.exe
Size

36KB
MD5

fc73d7d3f06595cee03b6d5c8d7f1288
SHA1

295e40e9b723ca96bbfcd7e2e9f4c57f9cfe31fb
SHA256

995eda42ca6298269c8ce9e6c6fe857704ceec211911bae8379f8e905eae6d32
SHA512

ad99172ca8c444b8c8473522d8c40229426b5cf9c7db49cd42d92804bc3d197ca9ca947fe8d77ec9abbd24cc386c7fa40128dd3b724d26a235d879fdf9c60fc0
SSDEEP

768:fB92a2NJWV2D2i/BLJUxGAPqpWupz/CTRtYnhbnpwgCWPL2Pi:7fPqAupz/SehbigCWjl

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\VenomRAT v6.0.3 (+SOURCE)\VenomRAT v6.0.3 (SOURCE)\Plugins\hvnc.exe
"C:\Users\Admin\AppData\Local\Temp\VenomRAT v6.0.3 (+SOURCE)\VenomRAT v6.0.3 (SOURCE)\Plugins\hvnc.exe"
1⤵
PID:2420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2420-0-0x00007FFD77D13000-0x00007FFD77D15000-memory.dmp

Filesize
8KB

Download
memory/2420-1-0x00000000007B0000-0x00000000007C0000-memory.dmp

Filesize
64KB

Download
memory/2420-3-0x00007FFD77D10000-0x00007FFD787D1000-memory.dmp

Filesize
10.8MB

Download
memory/2420-4-0x00007FFD77D10000-0x00007FFD787D1000-memory.dmp

Filesize
10.8MB

Download

© 2018-2024

Terms | Privacy