General
-
Target
7edb2695de8a294a93f6ad48edb3b1e8199fbfbed4a6dd78c180e3c29e7eaae6
-
Size
41KB
-
Sample
220120-xm6wcabbg3
-
MD5
45a4b5682899474927c9184aaeeed2a0
-
SHA1
07106912a9aff461a3b4e8201474e0a70c0c4afa
-
SHA256
7edb2695de8a294a93f6ad48edb3b1e8199fbfbed4a6dd78c180e3c29e7eaae6
-
SHA512
4b7206bb343e9bf0694f732a282a71bf24fbf3520656bb186323091762b64d8dbf4c4cd580e6f93ef5a1478ab6af47fef1a6264f51d380d23f40792478a1b161
Static task
static1
Behavioral task
behavioral1
Sample
7edb2695de8a294a93f6ad48edb3b1e8199fbfbed4a6dd78c180e3c29e7eaae6.exe
Resource
win10-en-20211208
Malware Config
Extracted
asyncrat
VenomRAT_HVNC 5.0.4
Venom Clients
188.119.112.140:4449
Venom_RAT_Mutex_Venom_RAT
-
anti_vm
false
-
bsod
false
-
delay
0
-
install
true
-
install_file
CvkjdhfWr.exe
-
install_folder
%AppData%
-
pastebin_config
null
Targets
-
Target
7edb2695de8a294a93f6ad48edb3b1e8199fbfbed4a6dd78c180e3c29e7eaae6
Score
10/10
-
Async RAT payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-