General
Target: 13032024_1706_windows.cmd
Size: 5KB
Sample: 240313-k271qsbc69
MD5: 785491421e9b7a936c34683d262e0788
SHA1: 98a4e2f3797b338cc0faa98b5f122aae27eb13d1
SHA256: b6ee4e50033f168d033d2b58defc9429f5bed66f2bcc22a364cebe45cd20c5ef
SHA512: fb3c2f37c5ddbecf65236feb05cecd7b496143a9ad30519d6d418ef9d8f5fe9cd84096faea4a37e4bead89e45e2561ef4ab6456e3d5699506df6f6d1f33d43e0
SSDEEP: 96:VowFJmmJtABRbPYhB4deDT0tiU/9fSa2cWzTBxdOHKsHNovFDWjU08J+5bgnFvb4:VowFJ3XgSIdeDYtiS9fSm4TBCHKsavFC
Static task: static1
Behavioral task: behavioral1
Sample: 13032024_1706_windows.cmd
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 13032024_1706_windows.cmd
Resource: win10v2004-20240226-en
Malware Config
Extracted
asyncrat
5.0.5
Venom Clients
154.30.255.175:8890
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
delay: 1
install: false
install_folder: %AppData%
Targets
Target: 13032024_1706_windows.cmd
Score: 10/10
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext