General
-
Target
VenomRAT-V5.6-HVNC.rar
-
Size
44.7MB
-
Sample
241224-f77jyaslap
Behavioral task
behavioral1
Sample
VenomRAT-V5.6-HVNC/BouncyCastle.Crypto.dll
Resource
win11-20241007-en
Behavioral task
behavioral2
Sample
VenomRAT-V5.6-HVNC/Guna.UI2.dll
Resource
win11-20241023-en
Behavioral task
behavioral3
Sample
VenomRAT-V5.6-HVNC/IP2Region.dll
Resource
win11-20241007-en
Behavioral task
behavioral4
Sample
VenomRAT-V5.6-HVNC/IconExtractor.dll
Resource
win11-20241007-en
Behavioral task
behavioral5
Sample
VenomRAT-V5.6-HVNC/Keylogger.exe
Resource
win11-20241007-en
Behavioral task
behavioral6
Sample
VenomRAT-V5.6-HVNC/Newtonsoft.Json.dll
Resource
win11-20241007-en
Behavioral task
behavioral7
Sample
VenomRAT-V5.6-HVNC/Plugins/Audio.dll
Resource
win11-20241007-en
Behavioral task
behavioral8
Sample
VenomRAT-V5.6-HVNC/Plugins/Chat.dll
Resource
win11-20241007-en
Behavioral task
behavioral9
Sample
VenomRAT-V5.6-HVNC/Plugins/Discord.dll
Resource
win11-20241007-en
Behavioral task
behavioral10
Sample
VenomRAT-V5.6-HVNC/Plugins/Extra.dll
Resource
win11-20241007-en
Behavioral task
behavioral11
Sample
VenomRAT-V5.6-HVNC/Plugins/FileManager.dll
Resource
win11-20241007-en
Behavioral task
behavioral12
Sample
VenomRAT-V5.6-HVNC/Plugins/FileSearcher.dll
Resource
win11-20241007-en
Behavioral task
behavioral13
Sample
VenomRAT-V5.6-HVNC/Plugins/Fun.dll
Resource
win11-20241023-en
Behavioral task
behavioral14
Sample
VenomRAT-V5.6-HVNC/Plugins/Information.dll
Resource
win11-20241007-en
Behavioral task
behavioral15
Sample
VenomRAT-V5.6-HVNC/Plugins/Keylogger.exe
Resource
win11-20241007-en
Behavioral task
behavioral16
Sample
VenomRAT-V5.6-HVNC/Plugins/Logger.dll
Resource
win11-20241007-en
Behavioral task
behavioral17
Sample
VenomRAT-V5.6-HVNC/Plugins/MessagePackLib.dll
Resource
win11-20241007-en
Behavioral task
behavioral18
Sample
VenomRAT-V5.6-HVNC/Plugins/Miscellaneous.dll
Resource
win11-20241023-en
Behavioral task
behavioral19
Sample
VenomRAT-V5.6-HVNC/Plugins/Netstat.dll
Resource
win11-20241007-en
Behavioral task
behavioral20
Sample
VenomRAT-V5.6-HVNC/Plugins/Options.dll
Resource
win11-20241007-en
Behavioral task
behavioral21
Sample
VenomRAT-V5.6-HVNC/Plugins/ProcessManager.dll
Resource
win11-20241007-en
Behavioral task
behavioral22
Sample
VenomRAT-V5.6-HVNC/Plugins/Recovery.dll
Resource
win11-20241007-en
Behavioral task
behavioral23
Sample
VenomRAT-V5.6-HVNC/Plugins/Regedit.dll
Resource
win11-20241007-en
Behavioral task
behavioral24
Sample
VenomRAT-V5.6-HVNC/Plugins/RemoteCamera.dll
Resource
win11-20241007-en
Behavioral task
behavioral25
Sample
VenomRAT-V5.6-HVNC/Plugins/RemoteDesktop.dll
Resource
win11-20241007-en
Behavioral task
behavioral26
Sample
VenomRAT-V5.6-HVNC/Plugins/ReverseProxy.dll
Resource
win11-20241007-en
Behavioral task
behavioral27
Sample
VenomRAT-V5.6-HVNC/Plugins/SendFile.dll
Resource
win11-20241007-en
Behavioral task
behavioral28
Sample
VenomRAT-V5.6-HVNC/Plugins/SendMemory.dll
Resource
win11-20241007-en
Behavioral task
behavioral29
Sample
VenomRAT-V5.6-HVNC/SMDiagnostics.dll
Resource
win11-20241007-en
Behavioral task
behavioral30
Sample
VenomRAT-V5.6-HVNC/Siticone.Desktop.UI.dll
Resource
win11-20241007-en
Behavioral task
behavioral31
Sample
VenomRAT-V5.6-HVNC/Stub/Client.exe
Resource
win11-20241007-en
Behavioral task
behavioral32
Sample
VenomRAT-V5.6-HVNC/Stub/ClientFix.bat
Resource
win11-20241007-en
Malware Config
Extracted
quasar
1.4.0
v15.4.1 | Venom
dofucks.com:12482
private115.duckdns.org:12482
adf10731-c83d-4166-9137-39d0b1e48856
-
encryption_key
C84CB6134701741C5122A14FACDB67C8CFA9C0AB
-
install_name
.exe
-
log_directory
$sxr-Logs
-
reconnect_delay
3000
-
startup_key
$sxr-seroxen
Targets
-
-
Target
VenomRAT-V5.6-HVNC/BouncyCastle.Crypto.dll
-
Size
2.1MB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Guna.UI2.dll
-
Size
2.0MB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/IP2Region.dll
-
Size
13KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/IconExtractor.dll
-
Size
11KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Keylogger.exe
-
Size
10KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Newtonsoft.Json.dll
-
Size
659KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Audio.dll
-
Size
25KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Chat.dll
-
Size
456KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Discord.dll
-
Size
27KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Extra.dll
-
Size
34KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/FileManager.dll
-
Size
34KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/FileSearcher.dll
-
Size
280KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Fun.dll
-
Size
36KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Information.dll
-
Size
27KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Keylogger.exe
-
Size
10KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Logger.dll
-
Size
28KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/MessagePackLib.dll
-
Size
18KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Miscellaneous.dll
-
Size
85KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Netstat.dll
-
Size
27KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Options.dll
-
Size
377KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/ProcessManager.dll
-
Size
27KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Recovery.dll
-
Size
1.3MB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/Regedit.dll
-
Size
282KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/RemoteCamera.dll
-
Size
109KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/RemoteDesktop.dll
-
Size
37KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/ReverseProxy.dll
-
Size
14KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/SendFile.dll
-
Size
28KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Plugins/SendMemory.dll
-
Size
30KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/SMDiagnostics.dll
-
Size
47KB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Siticone.Desktop.UI.dll
-
Size
2.4MB
-
Score 1/10
-
-
Target
VenomRAT-V5.6-HVNC/Stub/Client.exe
-
Size
60KB
-
Asyncrat family
-
-
-
Target
VenomRAT-V5.6-HVNC/Stub/ClientFix.bat
-
Size
10.5MB
-
Quasar family
-
Quasar payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Deletes itself
-
Executes dropped EXE
-
Indicator Removal: Clear Windows Event Logs
Clear Windows Event Logs to hide the activity of an intrusion.
-
Hide Artifacts: Hidden Window
Windows that would typically be displayed when an application carries out an operation can be hidden.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts (2)
Hidden Files and Directories (1)
Hidden Window (1)
Indicator Removal (1)
Clear Windows Event Logs (1)