General
-
Target
01042024_2123_H62O0.cmd
-
Size
111KB
-
Sample
240401-qm1wrsfe52
-
MD5
2c3351c659a42a82e3a3d865c88eaaaf
-
SHA1
7c73b2c98e449be1c5a85806c08cfe05c0a699ab
-
SHA256
f8f8f56ff4b52a36a6619ca8eadab3df1ae333dfda870a36b024bd74cf0ce9e4
-
SHA512
b1962ca896f6328289a61522c6ede86bd0e6436d3dd6ca2170888ee2592a9cf88640f801dd864dbab1713ddb930b4dbed3cba0c5362f56f19150fcdabab599c6
-
SSDEEP
3072:hXiSJ9Nvg6aGNGIR9Lb5ZQ6gvr+sBKWTP8ydL:hnXy2wg9f5ZezrKWTPdV
Static task
static1
Behavioral task
behavioral1
Sample
01042024_2123_H62O0.cmd
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
01042024_2123_H62O0.cmd
Resource
win10v2004-20240226-en
Malware Config
Extracted
asyncrat
5.0.5
Venom Clients
kdfsv.duckdns.org:8890
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
01042024_2123_H62O0.cmd
-
Size
111KB
-
MD5
2c3351c659a42a82e3a3d865c88eaaaf
-
SHA1
7c73b2c98e449be1c5a85806c08cfe05c0a699ab
-
SHA256
f8f8f56ff4b52a36a6619ca8eadab3df1ae333dfda870a36b024bd74cf0ce9e4
-
SHA512
b1962ca896f6328289a61522c6ede86bd0e6436d3dd6ca2170888ee2592a9cf88640f801dd864dbab1713ddb930b4dbed3cba0c5362f56f19150fcdabab599c6
-
SSDEEP
3072:hXiSJ9Nvg6aGNGIR9Lb5ZQ6gvr+sBKWTP8ydL:hnXy2wg9f5ZezrKWTPdV
Score10/10-
Async RAT payload
-
Blocklisted process makes network request
-