General
-
Target
1320-364-0x0000000000DF0000-0x0000000000E08000-memory.dmp
-
Size
96KB
-
MD5
320d4619ae35674e63c2af2ffb1cce13
-
SHA1
9f0cec470df863e7205ce5a18ede66ecedca0b55
-
SHA256
7c64436092388540fae8dc345ad8c5b315ea55a91413eb5d51b30683c6ac7d5f
-
SHA512
0aef65274c9722f43a053a889450c5f4f85091f8ca5e1634990b9d3c889f40af21af41f0c60fa711f1fc2f28d6f029c2c27f2caeeb6e01843d3d6b944bd4518c
-
SSDEEP
1536:LUoOUcxsbiCCJiPMVMEh3kLuaIsH1bz8naOQzc/LVclN:LUoncxsbX+iPMVLfAH1bzPOQOBY
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Botnet
MoneyHunter
Mutex
mnirfrhkagkpus
Attributes
-
delay
1
-
install
true
-
install_file
chrome.exe
-
install_folder
%Temp%
-
pastebin_config
https://pastebin.com/raw/QCMD0FrN
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1320-364-0x0000000000DF0000-0x0000000000E08000-memory.dmp
Headers
Sections