Overview

overview

10

Static

static

10

VenomRAT/B...to.dll

windows7-x64

1

VenomRAT/B...to.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D...re.dll

windows7-x64

1

VenomRAT/D...re.dll

windows10-2004-x64

1

VenomRAT/D...re.dll

windows7-x64

1

VenomRAT/D...re.dll

windows10-2004-x64

1

VenomRAT/D...ng.dll

windows7-x64

1

VenomRAT/D...ng.dll

windows10-2004-x64

1

VenomRAT/D...re.dll

windows7-x64

1

VenomRAT/D...re.dll

windows10-2004-x64

1

VenomRAT/D...re.dll

windows7-x64

1

VenomRAT/D...re.dll

windows10-2004-x64

1

VenomRAT/D...re.dll

windows7-x64

1

VenomRAT/D...re.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

VenomRAT/D....1.dll

windows7-x64

1

VenomRAT/D....1.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VenomRAT.7z

  • Size

    40.8MB

  • Sample

    241203-pwzjma1mdj

  • MD5

    abb2579e0f83a603280f0b863b4650d8

  • SHA1

    2612ff4a34315f0ead610966d6e0f299987bbf53

  • SHA256

    2f9d75390cd901366aa5ae78d759cd42e1475e4cc9613b421967e4b32ff9cc6c

  • SHA512

    764fbe6f2e1cc34ebdd3e455e1ff468c2d0a19414abe5665669d0529c320a3b71aac118d04f4ed13cde4fd14d74599d4968869ca062ac4e33194dcda9d482adf

  • SSDEEP

    786432:RMTw8qqxhlpy2XedaVTZg/9DpMg8bRrLbOH4mL6QTd/B1m9CERhd0gfp:RCvx9ueypM7ZOH4/QvA9CEnWgB

Score
10/10
asyncratstormkittyvenomratrat

Malware Config

Targets

    • Target

      VenomRAT/BouncyCastle.Crypto.dll

    • Size

      2.5MB

    • MD5

      f0b3e112ce4807a28e2b5d66a840ed7f

    • SHA1

      54a6743781fd4ceb720331fce92f16186931192d

    • SHA256

      333903c7d22a27098e45fc64b77a264aa220605cfbd3e329c200d7e4b42c881c

    • SHA512

      dc8ec9754c5e86f7e54e75ff3e5859c1b057f90e9c41788037b944a5db2cb3b70060763d0efcbe55ec595bcc47a9c0ff847a4876821470ca1659c31afd5b0190

    • SSDEEP

      49152:OSSJ+G1PjodumkjD6Oc0mqHZwueCtbu9kQN:6xodumo6Lr

    Score
    1/10
    behavioral1behavioral2

    • Target

      VenomRAT/DevExpress.Data.Desktop.v22.1.dll

    • Size

      847KB

    • MD5

      3fe9b31808fb8229ced297ce809bb2c5

    • SHA1

      e5416984bfecf872bab8f8ba299b1c3f26f14455

    • SHA256

      b4d91f919d62f0ce97602e9d2baa9e8d08cd2778794b6756a7ba6a697a1b5ec7

    • SHA512

      01c37762d7cd46636d07a2b75ea481bd16c782f07a55757177d2f363b7a5b35f586351d520f00728257659a24120ee0465173f2f8b5b58357daf7534252a881f

    • SSDEEP

      12288:XzcvADexPaUb6wZPYj8vtvrlecLHP2+jXSwatzuHkrYCX1TSahOr1LZKHVoiXw+7:D5DexdNZPYj8zecLv2+jCXVGsYsR

    Score
    1/10
    behavioral3behavioral4

    • Target

      VenomRAT/DevExpress.Data.v22.1.dll

    • Size

      5.1MB

    • MD5

      39a6b01d0523fbd694fa689a25259cb7

    • SHA1

      e17e6f9ee3ed9789068c7a4abfe475a789e60ab1

    • SHA256

      aff2ec38a10963daa09f9a46b0ee4c92eb71131e67ccb804b84380dcc1519ec0

    • SHA512

      002d9d8375863d7d6aeb150ef169bf233f28830f50f3025bf318ae6f4790786e0d05a7328d6ed0b40ee186de2db1edd9720cad1f7169b72a316bfe68e3fdd724

    • SSDEEP

      49152:fJJHcStFUzQUnI8id8LDaWdFH6cvmhHgVYFvFWcp/ldRzaxO0zC96S1qBdFBWhRz:fJJH1gzh9iSLDCHgVYFvFXTdaO

    Score
    1/10
    behavioral5behavioral6

    • Target

      VenomRAT/DevExpress.Drawing.v22.1.dll

    • Size

      300KB

    • MD5

      7ebea0eb0d5fc9d3f8baddb867b3edf1

    • SHA1

      4385ed85fce5a424ed4463f3aaf1160beaf04170

    • SHA256

      d3a70acd9c6276b28b9687e7790f5edd7a8079ea824ec93dd59b6df8f2c54d34

    • SHA512

      7322fb0828fa58b3303c75c7e8be47e3a322bb4ddaf3d3801f65b73f41222d029fb6f882e9ba6267d331852ce24824d288c86241f5400cce12945682939258df

    • SSDEEP

      6144:4yeiVjwTvgD+Z6Rb3zaiG5lpvkw5zticHOmfvAbWqiWUvqM:4yeiVjwTvX6NhclJiOfqiWgqM

    Score
    1/10
    behavioral7behavioral8

    • Target

      VenomRAT/DevExpress.Images.v22.1.dll

    • Size

      8.4MB

    • MD5

      5246e412b204882fed4300efede7119b

    • SHA1

      f688ca2ff1ee91f6dbe0b52502ff0e1154210787

    • SHA256

      67a7db033d6047d8345182233f6d314c3ff1547dccaf5b8c04d71e1c8d8faa57

    • SHA512

      d35d52e848915f25a502115791bd947ad2a6374e602348d173a74dddc7fce5d42bed62576a819454d5fafc2a120a69d6fc254ab940c4263c65b53804cb48d866

    • SSDEEP

      98304:nuhlxpyY1Fp6bPIPxk7Q8unttuszubxv1h:nyGI6bAPS7XuttZatD

    Score
    1/10
    behavioral10behavioral9

    • Target

      VenomRAT/DevExpress.Office.v22.1.Core.dll

    • Size

      3.7MB

    • MD5

      04481d41b4edffc33d43dc7b3c21879b

    • SHA1

      9bdfc1ae5bc61699e2705aa58e693ce745c35f88

    • SHA256

      10c2ef3e11a2a2cdac160d4299cd541d6b1f75613ae7adec7689e71d365f7e21

    • SHA512

      76e6a7326e06c3a57d056fb139cb655382017336b422b606a3237d472e7a443d59c71e08a060b3c84a9129d507e458a8f990fef872e5f6e7600f62bd5b02a59a

    • SSDEEP

      49152:3eqp7uMm3b6vbhMVlddimWL1S1wUwyWFN:3eqRTY1WL1S1wUwyWj

    Score
    1/10
    behavioral11behavioral12

    • Target

      VenomRAT/DevExpress.Pdf.v22.1.Core.dll

    • Size

      5.1MB

    • MD5

      3da62d7c737ee74cd7c039ec47780794

    • SHA1

      d3403fc931204f1a6fcd731ca3d65be571bc29b0

    • SHA256

      0704e6abdd582e23b37a7bdfd298b914038e43477f2e0bc271b012185a5e71c4

    • SHA512

      f39d3145d45b2221c1da05eccf8ca97e5aadc476526f0639b87b4289053b196f8bd282d8373e96f0b09aabbeb120d85cfc1247d7503fd10a74824c22a93adcf0

    • SSDEEP

      98304:KX8B3YZ5K3AgwJhuwug6mDxLAqq8n7OH2Ck:KX8B3YZ5K3AgwuhUVzDn782h

    Score
    1/10
    behavioral13behavioral14

    • Target

      VenomRAT/DevExpress.Pdf.v22.1.Drawing.dll

    • Size

      502KB

    • MD5

      ba8bacdc0334943e942fcebb93c13378

    • SHA1

      7fdc8a6e619e21ec2c37aaa5e0caad031ba9392f

    • SHA256

      f98ad5274cc55f675c60a61d74a4d213a30c00e466537ee852d75c5f390ce7c3

    • SHA512

      e8b6f6801735a672959ac5d5067735bdcb447b0f4fcaf222fdafbf1623b733dbe30684a7f65c259d63e5ea77c04d5625c85770b1442f201d68ec8fd9711ebc79

    • SSDEEP

      6144:xaZV+AVlOt4JKqEucWN+AZbewWw6JpnlmEMBP6PuhMWU7ktJP7/ejvfJN85qybkd:YuAViWNNpWwGpwJ6PjW0kPC7SrY9

    Score
    1/10
    behavioral15behavioral16

    • Target

      VenomRAT/DevExpress.Printing.v22.1.Core.dll

    • Size

      4.5MB

    • MD5

      3d4380ed2c8b8aaa8206a2b037a217b4

    • SHA1

      1685f4c6aff4f88da6d0bad19fe21c20ab3f4288

    • SHA256

      174182c0811e758d65ca83277177692c7696f494cc545e3220fa7d6304e93f0c

    • SHA512

      b2adce82e0a8b3773dc78d9fd0a92bcc86e3996105078c52f3fb46093a91d4d84148f69b4a52f5b79e7097078e5a13e5a1affbe5e21e1fdeb67c5723f2280975

    • SSDEEP

      49152:F5IL6XYTD+RZdNszyVqcrcDPG+axAXVnMWoi/KpzB7JvIVj4RPbXry4b5Paod9q8:fIL6ITDDmbDmv/Nn5DXgxn

    Score
    1/10
    behavioral17behavioral18

    • Target

      VenomRAT/DevExpress.RichEdit.v22.1.Core.dll

    • Size

      8.4MB

    • MD5

      7ddf6749688dab11c14e464684346a51

    • SHA1

      dc3578c283b0728052125313f59e71deabe538ab

    • SHA256

      078551cc3b00963dcfae8bcf69f8e926cf67234fc3c688fffccc195b4a611976

    • SHA512

      0087f1e7d85ea050fb860125ed65ca425c6509c23544a776a65a6cdb614d9732f0c99ec2fcbe5c33317053f2df7f839ad420bc2581b898a08c48d183d07d44c6

    • SSDEEP

      98304:HPb+G1Tez+HBpnafYPTW033ZNVMBkxVz6uuRoI196q:MOZ4BaVz6pRoI19v

    Score
    1/10
    behavioral19behavioral20

    • Target

      VenomRAT/DevExpress.Sparkline.v22.1.Core.dll

    • Size

      87KB

    • MD5

      ba1a701a6312c167ac6f2bf407faa237

    • SHA1

      6d98e694e34daef743e15270b635c3dd19fc3b0f

    • SHA256

      bf03f577ecb257067abee5e7b6e49803a309231701cd07a39caa210d5c886c4c

    • SHA512

      d9b543a7f7c52938965878c9eaf507d0a885f9646fb709a465140f7a9f6cfe8eeaf0618fb3ca716ddf2e98199c3b35551e40d0d963e51b67c3fbe1bea04a05d2

    • SSDEEP

      1536:4hn/UiKYDmlc/foBSGLzyexgEEjKAZxNHumV:4RKcXeSEZglWAZxNHuq

    Score
    1/10
    behavioral21behavioral22

    • Target

      VenomRAT/DevExpress.Utils.v22.1.dll

    • Size

      20.0MB

    • MD5

      e233d1ae807c67e02e009b05fae594c8

    • SHA1

      685e73370aec2b6d1b58ab5f97916747549d8072

    • SHA256

      076ae5bed73714846f1f4d334ddd7b4694c994ad62c0d5816146558c6b848d2a

    • SHA512

      d5798231867be57764c21a0fe4949db0a57bb9f028cd99b454a6094a9d5582f5ac0b2da69a7a528413b740fedad31d791ae089bf88166589ae9737a7361edf61

    • SSDEEP

      393216:7u1M1d84WAOfraPyyLic2S0eg+/4/vK0CEoo:7u1Mw4WAOfraPyyLic2S0Z+/4/vKzo

    Score
    1/10
    behavioral23behavioral24

    • Target

      VenomRAT/DevExpress.XtraBars.v22.1.dll

    • Size

      6.6MB

    • MD5

      c08a735cbfcdd9a3f39f8c950876a3e0

    • SHA1

      bed77462df6aa6f796566b91c19de063f6c60460

    • SHA256

      9058ad08a57a766f9123c9ef5d2d739cd089dd44f9e506795bf8060aa165c76d

    • SHA512

      8681c8a994f26c23324004a2d23ecc9f05300cfc8b6f89d12091e3a0a172bdf0e2f4be101e2d1a6dbaf6c50de7ad7298c83b32f3ecd6f19822a87162f95b7668

    • SSDEEP

      196608:qOzxEDLbulF29jaRtWAOfraPmWAOfraP0WAOfraPx:jrtWAOfraPmWAOfraP0WAOfraPx

    Score
    1/10
    behavioral25behavioral26

    • Target

      VenomRAT/DevExpress.XtraEditors.v22.1.dll

    • Size

      7.7MB

    • MD5

      aa3ed371897bdfde9ee4ce9f6908bcd6

    • SHA1

      26c5a7c44711aede4b20ad50a16372567ffdba1c

    • SHA256

      e92ca4630758063ff4b6a97190d2f3edc7e6f7b3b7c22f4e8241c076a69b43a4

    • SHA512

      a3b2f49ae44be52ad9a695fe7d783a457005180c183b71041a8a5cba20d8f3b5f87efbc6de933315e4c646c34c9ff72001704d9be813bf2088e2c559e191d334

    • SSDEEP

      98304:z6wGqxIwcrDMb9VcoXceu4arFZ+DY8kpVY:2wGqxIFr4b9VJkf8n

    Score
    1/10
    behavioral27behavioral28

    • Target

      VenomRAT/DevExpress.XtraGrid.v22.1.dll

    • Size

      3.6MB

    • MD5

      f934526dbe8f852712317a4cb78cf530

    • SHA1

      8d09bafecdf79125edd0aac3bfab5957dfae5499

    • SHA256

      a91a2837aac2396f4a2f53d97a8a9f55b63a726f08ab972852fb10094037a273

    • SHA512

      cf35d3f947f282cb9bc083703d3f46f34b0f08e69523b03798b829923620839f20c5c99d553eb364a16ff4335a14ea93bb57e53a0a0753a10cbaec2cc751e8e2

    • SSDEEP

      49152:E3V4oYwryT+upD8l23GW6Ed5qCXlo+/rqGQNa:EXYwry6up3Gu5qIr

    Score
    1/10
    behavioral29behavioral30

    • Target

      VenomRAT/DevExpress.XtraLayout.v22.1.dll

    • Size

      2.1MB

    • MD5

      4cddef22b62679add81cefb05e0fb8c7

    • SHA1

      9769f7684ff70c0658326ddf48bee42ccbe599bc

    • SHA256

      d1d841707002b641a83812907834eefa972741cb0214abc389541a83fae72f26

    • SHA512

      566f312d7f29d262cf0d79b2f3affae321f01c1d5da6ff2dfe5a69069da6dc5011ac74a60a576d73407e773718470992e4c91d00927be3b1dad257c9cccfd3a0

    • SSDEEP

      24576:MLoM74ixRQHBoxT5Ig2o4ZSYlbkpcX0H1bwaetzI2pn4:N6xWoxT5Ig2o4Z/JaetzS

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

ratvenomratstormkittyasyncrat
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10