General
-
Target
5656-1109-0x00000000004C0000-0x00000000004D8000-memory.dmp
-
Size
96KB
-
MD5
8a7a4f77a631327f84083fa64b6b9996
-
SHA1
239dff15b2ffb36e85482a6fbc91b28a08ed5646
-
SHA256
a2ae691c36e1bd5b4827a76965e83c03553a1de7e26e98e74b0b984d2ecdf33c
-
SHA512
ff5bd550af037db58e6aac7105c08b9ead0a0a5e619dbabaace9bdd3d1fcee8955076bc3f65146827ef4db1c0ab79c2b29a15175a18f726a6fb8874167474d3f
-
SSDEEP
1536:JhUZAcxjVLcoCJPPMVOe9VdQuDI6H1bf/GDXQzcy7VclN:PUWcxjVLLCPPMVOe9VdQsH1bfqXQbxY
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Botnet
Default
C2
89.23.100.93:4449
Mutex
oonrejgwedvxwse
Attributes
-
delay
1
-
install
true
-
install_file
calc.exe
-
install_folder
%AppData%
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5656-1109-0x00000000004C0000-0x00000000004D8000-memory.dmp
Headers
Sections