General
-
Target
1116-560-0x0000000000250000-0x0000000000858000-memory.dmp
-
Size
6.0MB
-
MD5
0ac533d95c343a28c0b69cf6606a6d94
-
SHA1
4736a1d8146074a2fb7492fc8af417d4a248e36d
-
SHA256
aa161d8b92a1888d9ed7ae7c6f4a3976b5fe10585aeb28fa4f6819fb92b9d7aa
-
SHA512
e9f5d23ddb9c68c460de12212e4ccb6913df6d6fa5fa98282a7c5b6c619914d8f0db9cc3ef82c7b0c9d7f8f0fc5149c0fc87a281727bf18988bafe086857c6a4
-
SSDEEP
1536:cIUbkcxVKpC6yPMVaeVAIGH1b3/Eo1k7QzcxLVclN:cIUYcxVENyPMVRVEH1b3e7Q8BY
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
Venom Pwn3rzs' Edtition v6.0.1
Botnet
Newday2
Mutex
BYUzsfcfTrDGdfgfGfnhhy6cerhcehrctRCRTHCr
Attributes
-
delay
1
-
install
false
-
install_folder
%AppData%
-
pastebin_config
https://pastebin.com/raw/7JZQMzKS
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1116-560-0x0000000000250000-0x0000000000858000-memory.dmp
Headers
Sections