General

  • Target

    chrome_service.sig.exe

  • Size

    346KB

  • Sample

    240121-tgmzhaeee6

  • MD5

    17cd39db281e45ca913f85d4ec19b4cb

  • SHA1

    0e6bfff4037eae0f89852c19498538e85869b0a5

  • SHA256

    849477ce19f694d6be89404f674b80af6bc2132b0954ac3e9d3ee910ec1a637b

  • SHA512

    c5fe25788e4210d3d4c4ee825590ab3dd2e689e4fe4465bdca82f6e822894fb692d558fe4c6c0b9ac25560665c920d8ef0d9d002b39086a531fd10e3579018e3

  • SSDEEP

    6144:rzgFt/3a3IbmY+KRX06gcL0ABC6wAiJ5Z:rctq38EeX0+rBCtAid

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

67.205.154.243:4431

Mutex

wuhjwqibozr

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      chrome_service.sig.exe

    • Size

      346KB

    • MD5

      17cd39db281e45ca913f85d4ec19b4cb

    • SHA1

      0e6bfff4037eae0f89852c19498538e85869b0a5

    • SHA256

      849477ce19f694d6be89404f674b80af6bc2132b0954ac3e9d3ee910ec1a637b

    • SHA512

      c5fe25788e4210d3d4c4ee825590ab3dd2e689e4fe4465bdca82f6e822894fb692d558fe4c6c0b9ac25560665c920d8ef0d9d002b39086a531fd10e3579018e3

    • SSDEEP

      6144:rzgFt/3a3IbmY+KRX06gcL0ABC6wAiJ5Z:rctq38EeX0+rBCtAid

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

    • Async RAT payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks