Behavioral task
behavioral1
Sample
bett.exe
Resource
win10v2004-20230220-en
General
-
Target
bett.exe
-
Size
63KB
-
MD5
54c86fdc1ad4afbc4d971ec216194179
-
SHA1
23c806a2bb192a802c7cf4b05af0ca1a3aeb5f24
-
SHA256
b4c9a4bab468367165037daf46a0e81f353a40a8c8096a2cd422c0f05d42b785
-
SHA512
5e585a34c4ea0c28084e2b032608c01a305f2f2c3db798fe7b4a07928a58a590d8e91c32d0227d9c1c0e83b46aa95cf99ed51e1e8eff860484018204cc6c41fd
-
SSDEEP
768:NlNpSSnt7iPDVoiM9J2h+0q8XhtnyO+I1+NSCv7mqb2nCpwH1owfVolahPGKDpqM:Xpt8Oht8X5LXGbbtwPGKDpqKmY7
Malware Config
Extracted
asyncrat
5.0.5
Venom Clients
127.0.0.1:1278
white-camcorders.at.ply.gg:1278
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
-
delay
1
-
install
false
-
install_folder
%AppData%
Signatures
Files
-
bett.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ