darkvision | a0b6d6d2e94272dbcc21981b3da5b3f42f55a3b227d96edc99b60a41f19a5577 | Triage

Sharing

General

Target

a0b6d6d2e94272dbcc21981b3da5b3f42f55a3b227d96edc99b60a41f19a5577.exe
Size

1.0MB
Sample

250214-nnry5svndz
MD5

8bda1233f570302fead172d105df211c
SHA1

50aad6a4bcede38d5b81c1597f4bbd65573ca468
SHA256

a0b6d6d2e94272dbcc21981b3da5b3f42f55a3b227d96edc99b60a41f19a5577
SHA512

a5f268e8e3358de09d78fb43c7102ccdcd6b5fe4518f22c9ff03a95b9bdb8ba4a0941c8c5f49b3e6218cb2963005c34ba4d55c88d376496c11bede2f42f8969c
SSDEEP

12288:KIfbwPDpwTkiC2X8anaAZqVJCj6D2fJZSj+2O+AJzRhM:KIfbbbXnbZSK2O+AJzRhM

Score

10^/10

darkvision discovery persistence rat

Malware Config

Targets

- Target
  
  a0b6d6d2e94272dbcc21981b3da5b3f42f55a3b227d96edc99b60a41f19a5577.exe
- Size
  
  1.0MB
- MD5
  
  8bda1233f570302fead172d105df211c
- SHA1
  
  50aad6a4bcede38d5b81c1597f4bbd65573ca468
- SHA256
  
  a0b6d6d2e94272dbcc21981b3da5b3f42f55a3b227d96edc99b60a41f19a5577
- SHA512
  
  a5f268e8e3358de09d78fb43c7102ccdcd6b5fe4518f22c9ff03a95b9bdb8ba4a0941c8c5f49b3e6218cb2963005c34ba4d55c88d376496c11bede2f42f8969c
- SSDEEP
  
  12288:KIfbwPDpwTkiC2X8anaAZqVJCj6D2fJZSj+2O+AJzRhM:KIfbbbXnbZSK2O+AJzRhM
Score

10^/10

darkvision rat discovery persistence
- DarkVision Rat
  DarkVision Rat is a trojan written in C++.
  rat darkvision
- Darkvision family
  darkvision
- Blocklisted process makes network request
- Downloads MZ/PE file
- Deletes itself
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

darkvisiondiscoverypersistencerat