General

  • Target

    infected.zip

  • Size

    36KB

  • MD5

    5508e890a2e549cb98cff98adf82b100

  • SHA1

    d747d2055afd511608bf20312e42e5f4cf65720d

  • SHA256

    f8590e30885a7ab138613a0747d69830715d6f4d656274cf0a613f56741a9f0a

  • SHA512

    bd069aecf332c2811bdd764ee6458d1aaf7fc4cdfcec7c0cb84df63d91f69ab1203c6920b37766270fbe9b3b5662d3393c7165355bc8e7d8484aa6d31c99eef5

  • SSDEEP

    768:M0pyEf/rt/JTTzRIxneYVQQ4cSvp2PwpGlivR2aqS3TKmmUwIR:bUE7fxIgQQB/vqlliJ229sm

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

171.233.98.70:18274

Mutex

csnsaqugsusbtz

Attributes
  • delay

    1

  • install

    true

  • install_file

    Registry.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • infected.zip
    .zip

    Password: infected

  • bc6005c0a53f37d259323fd3aeb2682b914050f20409fcfd21da5b31474a908b
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744
