General
Target: update.cmd
Size: 60KB
Sample: 240307-v94y6aha99
MD5: 55db0ea580cce204785f5537cbabf05b
SHA1: d2f423c3416532ef91b74b50c5cb746829f3d114
SHA256: 43feb4c81e9e5be7b22c542dd0d54725075a67dbf592bb65b3b625c04256af55
SHA512: c12463cc06def3a872f904e44378145a39c72659961ed48156b083440041d4662a454c5737fd0fa45199e659ba62a90029c3800a94526895b43ac3ac0d430480
SSDEEP: 1536:9TpJ48aohXl/LnI5BDLfj+OMfh3BRc8z4lJm5DQ3Vve:Jr4In7I5BDLfKf8+DYg
Static task: static1
Behavioral task: behavioral1
Sample: update.cmd
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: update.cmd
Resource: win10-20240221-en
Behavioral task: behavioral3
Sample: update.cmd
Resource: win10v2004-20240226-en
Behavioral task: behavioral4
Sample: update.cmd
Resource: win11-20240221-en
Malware Config
Extracted
asyncrat
5.0.5
Venom Clients
mkys.duckdns.org:8890
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
delay: 1
install: false
install_folder: %AppData%
Targets
-
-
Target
update.cmd
Score: 10/10
- Async RAT payload
- Blocklisted process makes network request