Overview

overview

10

Static

static

10

VenomRAT-V...nt.exe

windows7-x64

10

VenomRAT-V...nt.exe

windows10-2004-x64

10

VenomRAT-V...NC.exe

windows7-x64

7

VenomRAT-V...NC.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2024 03:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VenomRAT-V5.6-HVNC/Venom RAT + HVNC.exe

  • Size

    15.5MB

  • MD5

    c9a19172aec8f4d35aabe33d2123d53c

  • SHA1

    24f5dc16f84b7096d2561b628ee22e4aa3fb65a3

  • SHA256

    51505fab78a7b318bcae9d3005fd3035517141abed16054541c29c03bb9af4ea

  • SHA512

    cde593b070d0ea9067651fe107099621c3e1351ad00cf1c641b211fbb4adb380fb83d7a6276cff1e11496f43fc776c603f12ee67aacf0effaf192b4a53199994

  • SSDEEP

    196608:IA5PPrnA5PPr3lAA5PPrJSe6PC7aIahLkNPFCZZwiJl1NLIsPA8fxvuIMzd/95Un:LebljNd60T7P+Zw6NLIsFfskh1BmXG

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VenomRAT-V5.6-HVNC\Venom RAT + HVNC.exe
    "C:\Users\Admin\AppData\Local\Temp\VenomRAT-V5.6-HVNC\Venom RAT + HVNC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\2e467f22-fd46-4a8b-b54a-a1ebefcab704\SiticoneDotNetRT64.dll
    Filesize

    75KB

    MD5

    42b2c266e49a3acd346b91e3b0e638c0

    SHA1

    2bc52134f03fcc51cb4e0f6c7cf70646b4df7dd1

    SHA256

    adeed015f06efa363d504a18acb671b1db4b20b23664a55c9bc28aef3283ca29

    SHA512

    770822fd681a1d98afe03f6fbe5f116321b54c8e2989fb07491811fd29fca5b666f1adf4c6900823af1271e342cacc9293e9db307c4eef852d1a253b00347a81

    Download Submit

  • memory/2408-11-0x000007FEF62E0000-0x000007FEF6CCC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2408-2-0x000000001C580000-0x000000001C7E8000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2408-3-0x000007FEF62E0000-0x000007FEF6CCC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2408-1-0x0000000000750000-0x00000000016E2000-memory.dmp

    Filesize

    15.6MB

    Download

  • memory/2408-10-0x000007FEF4C20000-0x000007FEF4D4C000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2408-0-0x000007FEF62E3000-0x000007FEF62E4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2408-12-0x000007FEF62E0000-0x000007FEF6CCC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2408-13-0x000007FEF62E0000-0x000007FEF6CCC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2408-14-0x000007FEF62E0000-0x000007FEF6CCC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2408-15-0x000007FEF62E3000-0x000007FEF62E4000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2408-16-0x000007FEF62E0000-0x000007FEF6CCC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2408-17-0x000007FEF62E0000-0x000007FEF6CCC000-memory.dmp

    Filesize

    9.9MB

    Download