General

  • Target

    update.cmd

  • Size

    60KB

  • Sample

    240307-pdcbdabg61

  • MD5

    55db0ea580cce204785f5537cbabf05b

  • SHA1

    d2f423c3416532ef91b74b50c5cb746829f3d114

  • SHA256

    43feb4c81e9e5be7b22c542dd0d54725075a67dbf592bb65b3b625c04256af55

  • SHA512

    c12463cc06def3a872f904e44378145a39c72659961ed48156b083440041d4662a454c5737fd0fa45199e659ba62a90029c3800a94526895b43ac3ac0d430480

  • SSDEEP

    1536:9TpJ48aohXl/LnI5BDLfj+OMfh3BRc8z4lJm5DQ3Vve:Jr4In7I5BDLfKf8+DYg

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Venom Clients

C2

mkys.duckdns.org:8890

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Blocklisted process makes network request
