General
-
Target
VenomRAT.exe
-
Size
63KB
-
MD5
f14935119fd0d3b31da37aea2b1f7494
-
SHA1
bb64f81fe895a8a86e375ac95adc564cc3e1130d
-
SHA256
3749270a04658da7d3d5b80d333b052ea91237e68b807bbe27f612d31ce425f5
-
SHA512
a1236fc0780d8fd5195e703b2a2563c0bc307c7b2da26782454e80900e3dc2d1b1b3762ed736b2c6aaefd0342edb2236ecaa4c26be5e95b425e719f97a517fb0
-
SSDEEP
768:Cmxvn0zXf78NwC8A+XU2azcBRL5JTk1+T4KSBGHmDbD/ph0oX02ALsSusdpqKYhg:LQXDLdSJYUbdh902AfusdpqKmY7
Score
10/10
Malware Config
Extracted
Family
asyncrat
Botnet
Default
C2
192.168.56.1:7001
Mutex
0VZx9ΕQ8NZ6mCx杰斯qΔOqת
Attributes
-
delay
1
-
install
true
-
install_file
Windows Cleaner.exe
-
install_folder
%AppData%
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
VenomRAT.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections