asyncrat | 2f9d75390cd901366aa5ae78d759cd42e1475e4cc9613b421967e4b32ff9cc6c | Triage

Submit
Reports

Overview

overview

Static

static

VenomRAT.7z

windows10-ltsc 2021-x64

7

Sharing

General

Target

VenomRAT.7z
Size

40.8MB
Sample

241203-pm9m8s1jfj
MD5

abb2579e0f83a603280f0b863b4650d8
SHA1

2612ff4a34315f0ead610966d6e0f299987bbf53
SHA256

2f9d75390cd901366aa5ae78d759cd42e1475e4cc9613b421967e4b32ff9cc6c
SHA512

764fbe6f2e1cc34ebdd3e455e1ff468c2d0a19414abe5665669d0529c320a3b71aac118d04f4ed13cde4fd14d74599d4968869ca062ac4e33194dcda9d482adf
SSDEEP

786432:RMTw8qqxhlpy2XedaVTZg/9DpMg8bRrLbOH4mL6QTd/B1m9CERhd0gfp:RCvx9ueypM7ZOH4/QvA9CEnWgB

Score

10^/10

asyncrat stormkitty discovery rat

Static task

static1

rat stormkitty asyncrat

5 signatures

Behavioral task

behavioral1

Sample

VenomRAT.7z

Resource

win10ltsc2021-20241023-en

windows10-ltsc 2021-x64

10 signatures

300 seconds

Malware Config

Targets

- Target
  
  VenomRAT.7z
- Size
  
  40.8MB
- MD5
  
  abb2579e0f83a603280f0b863b4650d8
- SHA1
  
  2612ff4a34315f0ead610966d6e0f299987bbf53
- SHA256
  
  2f9d75390cd901366aa5ae78d759cd42e1475e4cc9613b421967e4b32ff9cc6c
- SHA512
  
  764fbe6f2e1cc34ebdd3e455e1ff468c2d0a19414abe5665669d0529c320a3b71aac118d04f4ed13cde4fd14d74599d4968869ca062ac4e33194dcda9d482adf
- SSDEEP
  
  786432:RMTw8qqxhlpy2XedaVTZg/9DpMg8bRrLbOH4mL6QTd/B1m9CERhd0gfp:RCvx9ueypM7ZOH4/QvA9CEnWgB
Score

7^/10

discovery
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratstormkittyasyncrat

behavioral1

© 2018-2024

Terms | Privacy