General

  • Target

    b45bc47b705c7c7ce66c8d8ada89d6f358667ccd341f7a0df82cc39046b82bf0

  • Size

    74KB

  • MD5

    d8122cd6ca1280eee6c7b77ab0939f8a

  • SHA1

    db93637ec5bad513840cbe0ec16ce19436e0939b

  • SHA256

    b45bc47b705c7c7ce66c8d8ada89d6f358667ccd341f7a0df82cc39046b82bf0

  • SHA512

    a9b6fdce9f5f6fcaac3518529d0b0deef71ded7e44b53b4f196764ef5806c8baeca895b375a7f12d2b3cf05ab81ac3a88bab5ce3156867277d27deeb9b2e2ab9

  • SSDEEP

    1536:FUl0cxm+XpbCNiPMVye9VdQuDI6H1bf/8jLOQzckxLVclN:FUucxm+XZKiPMVye9VdQsH1bfU3OQhxi

Score
10/10

Malware Config

Extracted

  • Family

    asyncrat

  • Version

    Venom RAT + HVNC + Stealer + Grabber v6.0.3

  • Botnet

    Client

  • Mutex

    zrnrwroqnoqhqaqr

Attributes
  • delay

    1

  • install

    true

  • install_file

    OPENVPN.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/rsKSXpGQ

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b45bc47b705c7c7ce66c8d8ada89d6f358667ccd341f7a0df82cc39046b82bf0
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

