General

  • Target

    Google Ai Browser v1.0.9.msi

  • Size

    68.9MB

  • Sample

    250403-v7ydla1sby

  • MD5

    a8f19829f0c6a008c9e4a2fa60c17fe1

  • SHA1

    bd6006f43b88b4bce6929a03a34d7daf3d53829f

  • SHA256

    d7c1332432d04e757cf1e7f684f3eaf7558df0d2b076ebe293e393151bb5391f

  • SHA512

    e301c24967e35ec5259dd43c3109fd9e5a243b54bf1ae690ee25c2193fb9772eb8ad85d0add305dd045b6ba003a4bd0c687d2ace480b4ee7bb9a0a71f2464533

  • SSDEEP

    1572864:O0sBl88NiDnEr1FV6YWCfHdc5nfXR3w4y5v7PjOwNAWK3CMkT/BmPoP3jqjjrNG:8RMDELV6wfdc5nW4yhOmAWlMkVC

Malware Config

Extracted

Family

valleyrat_s2

Version

1.0

C2

23.133.4.3:6666

23.133.4.3:7777

127.0.0.1:80

Attributes
  • campaign_date

    2025. 2.28

Targets

    • ValleyRat

      ValleyRat stage2 is a backdoor written in C++.

    • Valleyrat_s2 family

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
