General
Target: statement_report.vbs
Size: 3KB
Sample: 240111-cl9wdsceer
MD5: 6b937b9cec12fb4c35f013f1616b2c5f
SHA1: 7cf302f45f71fe51baf8037369b85f8b864475b6
SHA256: 4ae4de137b7769456036f7007236717c9d1e9eb4e80863175ac7709e499141f8
SHA512: e9017e50f9a35227e2e77749460faf6391212f722d1f9311c43d137f21780dc3f8cbe67ce4d267d5f96b8b8e83647fc673b479eb10b0dffd001b66c6655a3cfb
Static task: static1
Behavioral task: behavioral1
Sample: statement_report.vbs
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: statement_report.vbs
Resource: win10v2004-20231215-en
Malware Config
Extracted
https://wallpapercave.com/uwp/uwp4203994.png
Extracted
asyncrat
5.0.5
Venom Clients
moonvenom4449.duckdns.org:4449
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
delay: 1
install: false
install_folder: %AppData%
Targets
Target: statement_report.vbs
Score: 10/10
Async RAT payload
Blocklisted process makes network request