General
-
Target
654f5bd0b7ac312458648a661796c16430739dc38f55139d6e7ae0e4d6115d15
-
Size
5.1MB
-
Sample
220704-t5vn9aacen
-
MD5
b18a9b0fba6a95c29bf6fe1187a95e22
-
SHA1
f53dfa8f06ee213005c8a9fdfd564a72e3ce2159
-
SHA256
654f5bd0b7ac312458648a661796c16430739dc38f55139d6e7ae0e4d6115d15
-
SHA512
a09220560b75bacacdf2ae7a9660aec7ec35aa975766b74a34b712350555f7e4eb4ed30a343cc2b67c6613cee8c7e4dc77a418a684f8ad814c1c99331af668f5
Static task
static1
Behavioral task
behavioral1
Sample
654f5bd0b7ac312458648a661796c16430739dc38f55139d6e7ae0e4d6115d15.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
asyncrat
5.0.5
ads2
137.74.157.86:4449
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
Target
654f5bd0b7ac312458648a661796c16430739dc38f55139d6e7ae0e4d6115d15
Score
10/10
-
Async RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-