arrowrat | c5835fdee5b37ac6eb59449bd8506ef91c10d7a04a000225d5c8a6b849874574

Sharing

Copy URL

Twitter E-mail

General

Target

b2a4aca9ebb9d8032d7ac5b426c3bbbfb59bff6051f963fc9d55239a48b06898.zip
Size

16.5MB
Sample

231017-qtfjeadf97
MD5

a04694ad813a1d9da4afad5aafbd7ac6
SHA1

46eec1543a3d08894fa1f9b7390115cce996b119
SHA256

c5835fdee5b37ac6eb59449bd8506ef91c10d7a04a000225d5c8a6b849874574
SHA512

ed2be48ffe0798b6b78ebb8446ca499c49dcbcd0319820ebf109eb7fa47f7b5bda86601283fe8006444a05aa58b699954399618c2f335e0a0bee54c02527b202
SSDEEP

393216:aKRlw4NNMipbpWwbWVjw2M1cONxrdLLxfeurprfsDx2N7rMGss4n5BdDzjHgg:aUGGpvbwjwuOdLLx/rWApss8LzjHZ

Score

10^/10

arrowrat asyncrat %group%agilenet rat

Malware Config

Extracted

Family

arrowrat

Botnet

%Group%

%Hosts%:%Ports%

Mutex

%MTX%

Targets

- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Collections.NonGeneric.dll
- Size
  
  20KB
- MD5
  
  45ff71114047dbf934c90e17677fa994
- SHA1
  
  526c688e71a7d7410007ad5aa6ea8b83cace76c5
- SHA256
  
  529943c0cdf24f57e94bf03fac5f40b94a638625027a02df79e1e8cb5d9bc696
- SHA512
  
  29684ac5391268eaa276196a6249364f6d23abfe59bdc304a561cf326cea6cd662fa04c05e15924fd6d3f9e9d1607992b8dcad3f817cfe891580f9d9462fe9b7
- SSDEEP
  
  384:2napn1iwwPWcGWNhvT1Dm0GftpBj/aQHRN7oIBldBoQAY0GP:lDuF91DVi1LoIzoJYR
Score

4^/10
behavioral1 behavioral2
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Collections.Specialized.dll
- Size
  
  20KB
- MD5
  
  b52c339601cb264f83df72d802e98687
- SHA1
  
  8bbb7badaaa912c1f17775e9acdcab389704c772
- SHA256
  
  938da38561da54793944e95e94b6e11cf83aacd667487297d428fbce1c06dc9c
- SHA512
  
  287f08ab07827570f9f3ef48a6d7e5c186899a2704fb3dbaf36975f6be7b29fb6695a69fab85a6f09bddefb60c79052c3a33cf862651f892eb9d773d880b3af8
- SSDEEP
  
  384:2ZHLaEav5aaUa6arWVLWOvT1Dm0GftpBjq1xFaQHRN71mldBoQAYu:rPv5t/NOF1DViQ1xFLcoJYu
Score

1^/10
behavioral3 behavioral4
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Collections.dll
- Size
  
  21KB
- MD5
  
  1d8aafeca1ea565b257384d3f64864b0
- SHA1
  
  4d923b100142afa2e0a8b7acdb3a6de6feb91148
- SHA256
  
  c2250e9e51b44d8ab8c5b892592766925f6580ee00b95026621d0afb037c2707
- SHA512
  
  99e4a226e1fabb348e7ef7c6fa56ad0ce4e4cf5d8569ce21881703dca8d83a1c113fd5f440a4fc9e9b99a04ae8cf4490e17d62ffc09cfac5a45678a4419efdbb
- SSDEEP
  
  384:h6iIJq56dOuWSKeWkvT1Dm0GftpBj0RaQHRN7T7lxBGDto:viAw1DViKRLTxMi
Score

1^/10
behavioral5 behavioral6
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.ComponentModel.EventBasedAsync.dll
- Size
  
  21KB
- MD5
  
  6067ecbab3c6dddb6bf7c49c7948caa8
- SHA1
  
  5f3da777af01dbc159bd8d9d97d5dc105918afc5
- SHA256
  
  22108e32e0b6e42f5f52a4cb17b9b6fa3dfd547ecd9eef9c67226dbec54d23e5
- SHA512
  
  9f3e834b8342e0c7aa5ccc993b520d664b03f1f0091066c66067923e1d4991efa03f63908552538c05f423aa2b696de7c76993f71a7564f3e87662cb0fc00726
- SSDEEP
  
  384:/nzz+MpSaLWW0+WNC7Bm0GftpBjsY1xaDaQHRN7RlTZVkRzQ:npuAViVxaDLHZV+Q
Score

1^/10
behavioral7 behavioral8
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.ComponentModel.Primitives.dll
- Size
  
  21KB
- MD5
  
  2f39655ccfc010e32a7240d9bf5d0852
- SHA1
  
  20aeaed12dfb8d71e39687350eb12bc0de372af0
- SHA256
  
  bfcd867f71c887429dfe008d7ec5d1853d15b3932d4ce8991694293477b5be37
- SHA512
  
  9769e59279a32f29c2f2c6970c81d3ed76fe3421b819ddffc8fa98329f1b45300c737fdf71956672f80f69b3a75727d184f8c421e00b84e94163a86cb744a991
- SSDEEP
  
  384:fGhr+YUfyHxsW/HWiC7Bm0GftpBjoEKaQHRN7VlO62gHcXn2d:MkmyViaLEg832d
Score

1^/10
behavioral10 behavioral9
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.ComponentModel.TypeConverter.dll
- Size
  
  22KB
- MD5
  
  d1699287934da769fc31e07f80762511
- SHA1
  
  bfe2384a92b385665689ad5a72f23abc8c022d82
- SHA256
  
  0dbb92ecd5dfa7fc258bc6deed4cecf1b37f895457fd06976496926abdb317bb
- SHA512
  
  4fef3e1535f546ffdde0683f32a069beeffe89096524c7068f1f5ce8377824f82ae530d3990c9dd51bccaa9e53fded5613fa1174013325808059276dee771187
- SSDEEP
  
  384:BRE+ruiA5vzWeNWnvT1Dm0GftpBj94aQHRN7N+ql78oSwDnuQM:BS9bW1DVib4L5awfM
Score

1^/10
behavioral11 behavioral12
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.ComponentModel.dll
- Size
  
  20KB
- MD5
  
  632cc8ad69b76fd9bb5847de1e1439f7
- SHA1
  
  2e32d50ec33ec6635681485b754f4e58d434a5ee
- SHA256
  
  5e61d755616cb10524f5f31e9b70c65a7fff8e30e25ce711ac8b354d657ab479
- SHA512
  
  9ba5cc82573308e5d995ba05bc660fc1c087eb91d8bd7efca6ff838a3c47bd6118d9c92919b2e0dac11a5a27977318c5c819499dc19cd5d6e57122a0749858c6
- SSDEEP
  
  384:HT+6ywnVvW0LWqvT1Dm0GftpBj+XaQHRN7qn0lTZVk0N:H9911DViYLqeZVdN
Score

1^/10
behavioral13 behavioral14
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Console.dll
- Size
  
  20KB
- MD5
  
  ea9376c17ee0148f0503028ad4501a92
- SHA1
  
  9d5686cbf45e90df5e11d87e7b90173a1a64b1a0
- SHA256
  
  b537313413f80105f143cc144feeae2ac93f44747727de309a71d57d2650034a
- SHA512
  
  18d1bb2d5c469644078d75766dbf04addf7d0c543f7ed15ff522ceeaef960900dd8ec68172f5d684b76b0aa6946bb38d641f021ec04c70ad66a6062c10412e0a
- SSDEEP
  
  384:iRbzriaXT+WlEWLC7Bm0GftpBjXUNZiTaQHRN7hldBoQAYv8:A7icYVisiTLToJYU
Score

1^/10
behavioral15 behavioral16
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Data.Common.dll
- Size
  
  150KB
- MD5
  
  d712a5a82a446086443ce00b610d8a5d
- SHA1
  
  7add96baa123db819f2f3d5aa62d6f872ce8fe14
- SHA256
  
  1c7bff6f16bb618648e699b723aeafe511515cd6aad699c25faae2a507e22811
- SHA512
  
  225128e58e2f01b5caada6fe54b1d32ff6a700542ce22b425649ab22da2944f796f04d1a2428c542bcab5348a161cf73f5f9a1e7bbf1f6417c4d507217fe3fd0
- SSDEEP
  
  3072:wdYO+3m9R6e1x03BZ6bDSzZ8B0uAP+Pch:i+2jv1x0ebezWiumh
Score

1^/10
behavioral17 behavioral18
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Diagnostics.Contracts.dll
- Size
  
  21KB
- MD5
  
  99373ab10858746aad424f28b48277f5
- SHA1
  
  5042ee630a6c7c2986e8323a14d052c1d83b6f61
- SHA256
  
  9c4ae61e0e8365762efe3d34c5595029f2c12e0079e6070720e2cef0882c84e5
- SHA512
  
  e96f8fdd6ffb702d344746ce82de576bba8636ede3e39a7da18ccf8a0178b8346fd31140760b864f1487d7804d931ff1a18de07a4cafa0cf79bdb340421fc03f
- SSDEEP
  
  384:8RtRWjYWYvT1Dm0GftpBjaGaQHRN77TlgaGn73:+i61DViUGLHG7
Score

1^/10
behavioral19 behavioral20
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Diagnostics.Debug.dll
- Size
  
  20KB
- MD5
  
  8b8c402311d7ab87e588675e736414fd
- SHA1
  
  eb8c010a35b461402c1c33133f1b61c78be8425a
- SHA256
  
  55a30d92d163cf1807bea6dc13b4c13e70aebbb034dc77eaef4f4394730dcd8e
- SHA512
  
  d03f450a3a19320de71145e48cd7c088d9b50d0a683cc9a79d8967dce085a6f63cbe537fca1c6208865eb52eafb10189613c7233047318caeb2fb2c23c34a269
- SSDEEP
  
  384:IeWnoWMC7Bm0GftpBjVwaaQHRN7g20lgaGn771Y:InTViMaLnYGtY
Score

1^/10
behavioral21 behavioral22
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Diagnostics.FileVersionInfo.dll
- Size
  
  20KB
- MD5
  
  0d9a641105098d642567b22101a4de0b
- SHA1
  
  12419c25d1c2eb706a4e4e649ee353ceda7446a9
- SHA256
  
  7c25a74772e135257235640a0264ddc05235e14f3627896cfe735e9955155f83
- SHA512
  
  fd4560cdf01de237ddf797a33c5dbc220d3fcae07ede17d43c39f5562e36e03646676a87e20699d7603fca6d84f66c8756eb863dd4727b7e1a499619bb88dde1
- SSDEEP
  
  384:m6oWJjWlC7Bm0GftpBjJeiaQHRN7t2H9lO62gHcXq:m6vpVi+iLtecg8a
Score

1^/10
behavioral23 behavioral24
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Diagnostics.Process.dll
- Size
  
  21KB
- MD5
  
  d86b0aca05321569d9383dc7c4e9e934
- SHA1
  
  2ef7d0a222c3a3e564b3c72d5b71a5be40a7adea
- SHA256
  
  28b165cddb82a2507114394ae398995ef8a50c549214f8678aa66054f6927754
- SHA512
  
  5959e1129c983825233a07869dd1b2b1db32830d2b5f6b7f8d869c39a76a241f88f76d37341fdfbf56f000fc6acba19aeb36a7efb94721494b41b65bf4978651
- SSDEEP
  
  384:Gqk53/hW3fZ+zWQC7Bm0GftpBj6dlwaQHRN7q5blgaGn7i:Gqk53MpViywLGbGu
Score

1^/10
behavioral25 behavioral26
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Diagnostics.StackTrace.dll
- Size
  
  23KB
- MD5
  
  fa98a0f020248c2be1dd40c07092f22a
- SHA1
  
  ef6b3ccff90beddab5ce6f60b4cc23f75edfd009
- SHA256
  
  cae99f910874288afbf810968d13b79d755cd4b2006609ec036ea4934181cba5
- SHA512
  
  554a25c761102dc41a9e421621e329868d1162ab29f47e59754c8fcfae0c12bbe8200e1b5975abf926f1de0977a5407c43202ac8a2801c69a7f01d95b6a1e959
- SSDEEP
  
  384:TFCc4Y4OJWfOWqWWOWYDzDm0GftpBjnZaQHRN7IlDggA:RCcyCSVifLeLA
Score

1^/10
behavioral27 behavioral28
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Diagnostics.TextWriterTraceListener.dll
- Size
  
  20KB
- MD5
  
  a964808487e671bb369dbc0e4dc5a947
- SHA1
  
  c3848473e42e2f9b4d0a00180ea9ade654432587
- SHA256
  
  63eab38ee9f4dcd686c8e6a4f01e1e2a9bb91e52b20ab4dde0c28061e9261860
- SHA512
  
  7352368b68835ecc9c5943ae2f2bd5cab775a7fbb018af7683e74fad1731a9738ae14ebe0bccd854a223ab762fca7ec11411fdae865c5c6ddd034900fa55cfd0
- SSDEEP
  
  384:EAWxMW3QvT1Dm0GftpBj1ROaQHRN7gIlBLY6fc8:Evxs1DVidOLgEYA
Score

1^/10
behavioral29 behavioral30
- Target
  
  Venom 5 HVNC RAT v5.0.4/System.Diagnostics.Tools.dll
- Size
  
  20KB
- MD5
  
  27c7d752c11c3f43f28eb31968e73e2b
- SHA1
  
  51e466218025126c5e524afd2086f4ab0bf3660a
- SHA256
  
  260c6250ef9b57dca99b4cecc533f9a34857b5a32b5351202f776163841200aa
- SHA512
  
  393d1747911a7f91f4c4f4f363a3782f24e00431478088da454823a223a4e75e51d9b010fc5d9746e2bf0185be90071b6cb70c777337d718b39151eef6b486aa
- SSDEEP
  
  384:UUAlcWHaWlvT1Dm0GftpBjXGIRaQHRN7/lBLY6fIi:29N1DVihGIRL/Yni
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32