General

  • Target

    tmp

  • Size

    3.0MB

  • Sample

    240119-hwm29shfb2

  • MD5

    e494fc161f1189138d1ab2a706b39303

  • SHA1

    94c5053ecdfbcc1ab663df254854a96e6db1eee7

  • SHA256

    5d6cc4d7e7ce998cf1d7bc8b78f787f9b034ab3dbdf8c91a33ad0233ddef2ac4

  • SHA512

    ae57b33e3bf936b0e67ca69959c315fb0ae5a0bf58963e40c0f6388ec6f7773866eca2a1ce6606b1598c723a8e24a98a81ce9a980de22bf807f59674696cdcf2

  • SSDEEP

    49152:RJ8c/Kz+6/ZE3AvJIkkChELoBdDGaHDdukvA6vX7T7Nx2Yn68M:RdeJIkkChELoBdDGaHDduGl7T7Nx2Ynw

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

194.33.191.248:4449

Mutex

hnzbvidvtfpiyqkek

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      tmp

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Blocklisted process makes network request

    • Downloads MZ/PE file
