Overview

overview

10

Static

static

10

VenomRAT.7z

windows10-ltsc 2021-x64

10

VenomRAT/P...er.exe

windows10-ltsc 2021-x64

1

VenomRAT/P...nc.exe

windows10-ltsc 2021-x64

1

VenomRAT/S...ny.exe

windows10-ltsc 2021-x64

10

VenomRAT/S...64.exe

windows10-ltsc 2021-x64

10

VenomRAT/S...86.exe

windows10-ltsc 2021-x64

10

VenomRAT/V...er.exe

windows10-ltsc 2021-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VenomRAT.7z

  • Size

    40.8MB

  • Sample

    241203-pqpggavqgv

  • MD5

    abb2579e0f83a603280f0b863b4650d8

  • SHA1

    2612ff4a34315f0ead610966d6e0f299987bbf53

  • SHA256

    2f9d75390cd901366aa5ae78d759cd42e1475e4cc9613b421967e4b32ff9cc6c

  • SHA512

    764fbe6f2e1cc34ebdd3e455e1ff468c2d0a19414abe5665669d0529c320a3b71aac118d04f4ed13cde4fd14d74599d4968869ca062ac4e33194dcda9d482adf

  • SSDEEP

    786432:RMTw8qqxhlpy2XedaVTZg/9DpMg8bRrLbOH4mL6QTd/B1m9CERhd0gfp:RCvx9ueypM7ZOH4/QvA9CEnWgB

Score
10/10
asyncratstormkittydiscoveryrat

Malware Config

Targets

    • Target

      VenomRAT.7z

    • Size

      40.8MB

    • MD5

      abb2579e0f83a603280f0b863b4650d8

    • SHA1

      2612ff4a34315f0ead610966d6e0f299987bbf53

    • SHA256

      2f9d75390cd901366aa5ae78d759cd42e1475e4cc9613b421967e4b32ff9cc6c

    • SHA512

      764fbe6f2e1cc34ebdd3e455e1ff468c2d0a19414abe5665669d0529c320a3b71aac118d04f4ed13cde4fd14d74599d4968869ca062ac4e33194dcda9d482adf

    • SSDEEP

      786432:RMTw8qqxhlpy2XedaVTZg/9DpMg8bRrLbOH4mL6QTd/B1m9CERhd0gfp:RCvx9ueypM7ZOH4/QvA9CEnWgB

    Score
    10/10
    asyncratdiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    behavioral1

    • Target

      VenomRAT/Plugins/Keylogger.exe

    • Size

      13KB

    • MD5

      b891f6eac297cc501c01687a041e2ca5

    • SHA1

      2dd0748b0952dc7d73943f0b24f5036a2773bf24

    • SHA256

      b0df63466dd20c4f860263eafba2feb255bf31ea43264a142f8e9010b27d016c

    • SHA512

      d525c84a2ab967d65c5538aa46c0a126221582c820bde9c101105f27ea8d0c819161a1764872bb6e469c07bc2f53003e7a453e518ffa59aaa919370687bd90a6

    • SSDEEP

      384:A4MtOoYttncuYsLhH3dF5L18GEP8Tx/NoE:qEbtQO5LS/P8Tx/n

    Score
    1/10
    behavioral2

    • Target

      VenomRAT/Plugins/hvnc.exe

    • Size

      36KB

    • MD5

      fc73d7d3f06595cee03b6d5c8d7f1288

    • SHA1

      295e40e9b723ca96bbfcd7e2e9f4c57f9cfe31fb

    • SHA256

      995eda42ca6298269c8ce9e6c6fe857704ceec211911bae8379f8e905eae6d32

    • SHA512

      ad99172ca8c444b8c8473522d8c40229426b5cf9c7db49cd42d92804bc3d197ca9ca947fe8d77ec9abbd24cc386c7fa40128dd3b724d26a235d879fdf9c60fc0

    • SSDEEP

      768:fB92a2NJWV2D2i/BLJUxGAPqpWupz/CTRtYnhbnpwgCWPL2Pi:7fPqAupz/SehbigCWjl

    Score
    1/10
    behavioral3

    • Target

      VenomRAT/Stub/ClientAny.exe

    • Size

      71KB

    • MD5

      958cfc3e7730a66a05d6b8a49ce13d63

    • SHA1

      ebc55f86cccfead463fcc1e6a060a5012fb09907

    • SHA256

      eedce349ce30bae2c269040ac02e0c1d2a979cd2743dc89dc8138e61b30f1798

    • SHA512

      cd6c4f6229a5d97a9b335cbbaf16e4ceab2efde6dd6e17ea0e8645d12739bd2a7ab8e6a77887dd92894af17305df6aafd051c0bfdd8fe7965225f0d538d9fbc5

    • SSDEEP

      768:+MFJ2BAxBMXR5OavIpl2d90CfOmPiEq586H+XVhMZEILH5DMnuqUch04U0VTLgSv:HJmm+g58TXsDpUuqbdLuGjhDeVclN

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat
    behavioral4

    • Target

      VenomRAT/Stub/Clientx64.exe

    • Size

      71KB

    • MD5

      33aa30124ec0b36f1a9319cd62a11e84

    • SHA1

      f8181335be708048b28cf1540054a5dd9d6acf8c

    • SHA256

      c6a8838b3619db76fc89af6bbd9188f868557348b3d06e2815eae2882dae8ec3

    • SHA512

      fceed2946791b47eb3e9f5b94fb11104abdc6bd8c2ae3c4c4694880af168608822a0b77ceecaeda125a04ffe2fcc081bf0e003c17ba3dc34a6ad261d45da7e65

    • SSDEEP

      768:aEFJ2BAxBMXR5OavIpl2d90CfOmfiEq586H+XVhMxEILH5DMnuqLch04U0VTLgSS:LJmm+A58TXsLpUuqudLuGjhMCVclN

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat
    behavioral5

    • Target

      VenomRAT/Stub/Clientx86.exe

    • Size

      71KB

    • MD5

      9e58447fdcf9d7625879dc2f8e51d41e

    • SHA1

      2b64506b4f318a4154f51dec8db498b0ca2f075b

    • SHA256

      fb646f0abb2d769531bdcbbb33c15b8d65a2f948a9b027005a007f1ae7fb6d23

    • SHA512

      bcf6ec720c1d8e7e3608453f05626db9569b32448c53520b52c143c1da6e5c015105d57dccaf6b47bfd37fa757a91cfa647c7e5832a7d52b8eb0bb6955615fbf

    • SSDEEP

      768:j2FJ2BAxBMXR5OavIpl2d90CfOm3iEq586H+XVhMxEILH5DMnuqkch04U0VTLgSy:gJmm+I58TXsLpUuqrdLuGjhsuVclN

    Score
    10/10
    asyncratdiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat
    behavioral6

    • Target

      VenomRAT/Venom RAT + HVNC + Stealer + Grabber.exe

    • Size

      7.3MB

    • MD5

      ad0ad41bed640b3331c1bc13099b32ff

    • SHA1

      5ebce59397c282b77ee8a2498095033ac68ddc04

    • SHA256

      2761f7bd15a3e4ce953dd3ceed0863751a0890fe99b58e0452fc0bd9b9fd24b0

    • SHA512

      9212304be53b5dc7d200fe7f84504f2f5e00550b5751369bb86fda034ea62fe917d23a8f61d2e2fce66a707e44b2d023dedcae46c92bb89417f5046e66005dc7

    • SSDEEP

      196608:1U4fa36sXKUOJIZZbNFcbHeazVK2TVYVLi3yYl8sY64hfT:jCqsX4aJq7RTVv3Vz4x

    Score
    7/10
    discovery

    • .NET Reactor proctector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    behavioral7

MITRE ATT&CK Enterprise v15

Tasks