General

  • Target

    2a318235a7908da2cfacd1711becc3c0da7a23359a98628f6d1fe14a7dd97b70

  • Size

    63KB

  • Sample

    231114-khgz7shg7t

  • MD5

    9c65c31fa60a7490db9ac229f88aeaec

  • SHA1

    1165267dfffa7ac1443002fb331fd573d34132ae

  • SHA256

    2a318235a7908da2cfacd1711becc3c0da7a23359a98628f6d1fe14a7dd97b70

  • SHA512

    f18cde1280543d32b442df89edb53420b5b40e1075cd3001bfe255557d9fe70670467e3005e68dc9e4bd0a2835a99bb7850eb4eefc866bb2bdd6dd177292eb61

  • SSDEEP

    1536:ZnQpg/GiDABXOUcbbKwPoGoGfDpqKmY7:Zj/GiDu/cbbKEHgz

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT 5.0.5

Botnet

Test Paid not Crypted

C2

142.202.188.173:9953

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes
  • delay

    1

  • install

    true

  • install_file

    KDFManager.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      2a318235a7908da2cfacd1711becc3c0da7a23359a98628f6d1fe14a7dd97b70

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE
