General
-
Target
INV0ICE_#TBSBVS0Y3BDSMMX.bat
-
Size
304KB
-
Sample
240222-sye5jscb86
-
MD5
32d3c2bfedc7408eba2e9794fa0aa234
-
SHA1
4a3f3e9d2bbd0f1f5a0e217d05e75b5bb3b2f1a7
-
SHA256
d05ad3dc62e1dc45fd31dc2382c1ea5e5f26f4f7692cb2ef8fd1c6e74b69fa16
-
SHA512
266ea8c5189b7a6f2e1fb74cef4e349078a5a9e3f1b918f33222a6f1f68d48ac901508020dfcc6c7e90aae4f0d35758bd31702c57118ec2d61702b6c4da13dd7
-
SSDEEP
6144:I3EFaqImw+8n0S8Or8VY1rcEIYN2z/MFCGD1rofsIrEp3lxFIK6Exj2RthLiGBkT:+qji0SRr84rc9zUYG67rOVIYgR+gBvZc
Static task
static1
Behavioral task
behavioral1
Sample
INV0ICE_#TBSBVS0Y3BDSMMX.bat
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
INV0ICE_#TBSBVS0Y3BDSMMX.bat
Resource
win10v2004-20240221-en
Malware Config
Extracted
asyncrat
5.0.5
Venom Clients
febvenom8.duckdns.org:8890
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
INV0ICE_#TBSBVS0Y3BDSMMX.bat
-
Score
10/10
-
Async RAT payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-