General
Target: 0x00080000000146c2-142.dat
Size: 73KB
Sample: 240120-2hr9lshgfr
MD5: 25b6389bbaa746df85d53714d4a6d477
SHA1: 86e6443e902f180f32fb434e06ecf45d484582e3
SHA256: 4b02692bf468a164e333bbfc961c5974d0a95009a72ea8bff2e9cb677eae4f56
SHA512: 6ad22c119b548f0e8ed5adb6c9f48c33b356340a7309c8185bec817f2562ae99760ff79e131c89bce2be122b6385bee610704f37edb7f1656a1b9d4782a1fcf4
SSDEEP: 1536:6aUqAcxVMW7eTmJ9rxjJTkdK4WaxHdSzPMwy/eqmmRhdWVH1bfbVCNIrXQlwzUIE:6aUTcxVMW7eiJ9rxjJTkdK4WaP0PMwhq
Behavioral task
behavioral1
Sample: 0x00080000000146c2-142.exe
Resource: win7-20231215-en
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.2
Default
93.123.39.68:4449
kszghixltbdczq
delay: 1
install: true
install_file: chromeupdate.exe
install_folder: %AppData%
Targets
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-