darkvision | c11a66b1a187d0b9f2e23308fa340a8afaa88411c666757bc7f537bc7192223a | Triage

Submit
Reports

Overview

overview

Static

static

Mine/firsgen.exe

windows11-21h2-x64

Sharing

General

Target

Mine.zip
Size

154KB
Sample

241206-3grr5atmcv
MD5

93c9cd679c2898fbb55f53d320217062
SHA1

0d453f50c12b55069b94c989377424fac716778d
SHA256

c11a66b1a187d0b9f2e23308fa340a8afaa88411c666757bc7f537bc7192223a
SHA512

055c713fba2788863cfd96c08d4b6859369572fbc9057c83d841d2900d291488f0c2e6725b33b47210908fa2ab285b009d437118e1c32fd227c4685a10b1d8f5
SSDEEP

3072:ZLx436IU655KWPFqV3c+onHwDgtkkcjVpGfraCligsv:ZLqJU2PFqWbHw4kTVpwOCQgsv

Score

10^/10

darkvision execution rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Mine/firsgen.exe

Resource

win11-20241007-en

darkvision execution rat

windows11-21h2-x64

9 signatures

1800 seconds

Malware Config

Extracted

Family

darkvision

C2

85.115.223.20

Targets

- Target
  
  Mine/firsgen.exe
- Size
  
  453KB
- MD5
  
  67a359e34ca0da8d1b51b3dbacc0e4bc
- SHA1
  
  5bb23dec795b3c7cd1cf9e3563834e14f9f3344c
- SHA256
  
  443c327eae304c70f48625b1b919fb9a2d89ce529f21251968baea487d3d9f94
- SHA512
  
  57ebc64d7a039c392cbab65df3fba8ffe260e2997d0c787c69a4633a37a67188312eb14f43e40171871d22298dbb54142c88a6badf956777be9506acb2169a08
- SSDEEP
  
  6144:+MdVKz+LuaBM4/1qrbbYTsHYU6Aez8HVWI8:LLXqrH+R+T
Score

10^/10

darkvision execution rat
- DarkVision Rat
  DarkVision Rat is a trojan written in C++.
  rat darkvision
- Darkvision family
  darkvision
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkvisionexecutionrat

© 2018-2025

Terms | Privacy