Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

VenomRAT-V...to.dll

windows11-21h2-x64

1

VenomRAT-V...I2.dll

windows11-21h2-x64

1

VenomRAT-V...on.dll

windows11-21h2-x64

1

VenomRAT-V...or.dll

windows11-21h2-x64

1

VenomRAT-V...er.exe

windows11-21h2-x64

1

VenomRAT-V...on.dll

windows11-21h2-x64

1

VenomRAT-V...io.dll

windows11-21h2-x64

1

VenomRAT-V...at.dll

windows11-21h2-x64

1

VenomRAT-V...rd.dll

windows11-21h2-x64

1

VenomRAT-V...ra.dll

windows11-21h2-x64

1

VenomRAT-V...er.dll

windows11-21h2-x64

1

VenomRAT-V...er.dll

windows11-21h2-x64

1

VenomRAT-V...un.dll

windows11-21h2-x64

1

VenomRAT-V...on.dll

windows11-21h2-x64

1

VenomRAT-V...er.exe

windows11-21h2-x64

1

VenomRAT-V...er.dll

windows11-21h2-x64

1

VenomRAT-V...ib.dll

windows11-21h2-x64

1

VenomRAT-V...us.dll

windows11-21h2-x64

1

VenomRAT-V...at.dll

windows11-21h2-x64

1

VenomRAT-V...ns.dll

windows11-21h2-x64

1

VenomRAT-V...er.dll

windows11-21h2-x64

1

VenomRAT-V...ry.dll

windows11-21h2-x64

1

VenomRAT-V...it.dll

windows11-21h2-x64

1

VenomRAT-V...ra.dll

windows11-21h2-x64

1

VenomRAT-V...op.dll

windows11-21h2-x64

1

VenomRAT-V...xy.dll

windows11-21h2-x64

1

VenomRAT-V...le.dll

windows11-21h2-x64

1

VenomRAT-V...ry.dll

windows11-21h2-x64

1

VenomRAT-V...cs.dll

windows11-21h2-x64

1

VenomRAT-V...UI.dll

windows11-21h2-x64

1

VenomRAT-V...nt.exe

windows11-21h2-x64

10

VenomRAT-V...ix.bat

windows11-21h2-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    153s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241023-en
  • resource tags

    arch:x64arch:x86image:win11-20241023-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    24/12/2024, 05:31 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VenomRAT-V5.6-HVNC/Plugins/Fun.dll

  • Size

    36KB

  • MD5

    60ec3a7d2b3ad2e295c37d00f7cfbcc9

  • SHA1

    3d0a9141b8fe0c35fa6895ac770dc770323ec9e8

  • SHA256

    30fb82935718d1bdf5fbd0dd859d17a9797d6a355a944b506349d46b36fcda25

  • SHA512

    3450b281454027e6d82cf332290db31c86ed03da7c75143781edebb828d3e3ee112a7794544f4d27bc2964d9d72c9ab2acb706979bbcfb696751312333d1c41a

  • SSDEEP

    384:37fLviWK1Xr4GtVmEc6BktslnlrqKQdseXGtrR52bhimwy0Xprnhc4rSf7rpVqK5:LGXFEGtMqS2lnhQk95Z3nhXraDUCEk

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\VenomRAT-V5.6-HVNC\Plugins\Fun.dll,#1
    1⤵
      PID:3140

    Network

    • flag-us
      DNS
      23.236.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      23.236.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      18.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.173.189.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      ocsp.digicert.com
      Remote address:
      8.8.8.8:53
      Request
      ocsp.digicert.com
      IN A
      Response
      ocsp.digicert.com
      IN CNAME
      ocsp.edge.digicert.com
      ocsp.edge.digicert.com
      IN CNAME
      fp2e7a.wpc.2be4.phicdn.net
      fp2e7a.wpc.2be4.phicdn.net
      IN CNAME
      fp2e7a.wpc.phicdn.net
      fp2e7a.wpc.phicdn.net
      IN A
      192.229.221.95
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
    No results found
    • 8.8.8.8:53
      23.236.111.52.in-addr.arpa
      dns
      426 B
       484 B
       6
      3

      DNS Request

      23.236.111.52.in-addr.arpa

      DNS Request

      18.173.189.20.in-addr.arpa

      DNS Request

      ocsp.digicert.com

      DNS Response

      192.229.221.95

      DNS Request

      95.221.229.192.in-addr.arpa

      DNS Request

      95.221.229.192.in-addr.arpa

      DNS Request

      95.221.229.192.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.