General
-
Target
Update.bat
-
Size
303KB
-
Sample
240309-xmsnqagb3z
-
MD5
9574f1be21b67338ff89f7822d497b6c
-
SHA1
04ffcb12ddae19a42d6ca114ee4b8a3217d77ff4
-
SHA256
d57da5dbfd8710be350680348344d6e3a319b596cda91475fdd9d007bdf6de1d
-
SHA512
813cf4b4fdcf0c76ed2f13389596d72278c11d4da08a16725da7b22495ea1c2c876262b36e4eb884335b5ac5125efb1d62a76167fec82e67c99299ceee3b622a
-
SSDEEP
6144:UcOIzE+4SSmeYpiePKsu6MQRLngYGseXp1PwY6:CqEJzYK6MQxgYGseZz6
Static task
static1
Behavioral task
behavioral1
Sample
Update.bat
Resource
win7-20231129-en
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Growtopia
163.5.215.225:1602
hoosnuxddbjezlt
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
Update.bat
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-