Behavioral task
behavioral1
Sample
.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
.exe
Resource
win10v2004-20231020-en
General
-
Target
.exe
-
Size
63KB
-
MD5
d6aeae6095e4a51695bbe6425d0184d7
-
SHA1
e1963ee156f9c91684f0b1fd15a1b30b7fc23438
-
SHA256
5829681f6673e16158d82d261930505b78bbba57e1674ba4734888eedbc63c4a
-
SHA512
1841a069a4943a905cc72cfa90326f7af2c4ed392b82dabc8c38f6fa5ae8113adb776f24fbde7de7d4f7a2da31f6cbca8b5e917e1c08cfbf5d3ebd70e59bd3d4
-
SSDEEP
1536:QhB5LrUwk4XO01V5eeiIVrGbbXwyF/GODpqKmY7:QhB5LrUwk4XVVseXGbbX7vgz
Malware Config
Extracted
asyncrat
5.0.5
Venom Clients
127.0.0.1:4449
127.0.0.1:22
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
-
delay
1
-
install
false
-
install_folder
%AppData%
Signatures
Files
-
.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ