General

  • Target

    tmpF201.tmp.bat

  • Size

    1.3MB

  • Sample

    240404-rxh95sba32

  • MD5

    297ffc85de4979eb9d29d52dfbde4a8b

  • SHA1

    e501bb7e0da363380d4440d93cd57acdabf66b76

  • SHA256

    43b452c9cef399168fd6ea867fa00130ab9088ae90c7b381bd5f24fda5523084

  • SHA512

    7dbf9dec3f7d1c229a4f1342d60ea2f47354da02fc392a7db9226d16c3ba40475303c581cae1edd71c2df3f32314bcb1b82203ad9a078897364e7ba2f58ea88b

  • SSDEEP

    24576:W03laoFFzC9GPje2UjeHA6KvwWnNUbsAy6xYhaHKO3JM/Cm21f5jvs1i65HVO:W03ZU9GbGj6HKVN4YhwvZMKm25gBVO

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

CRYPTED_1

Mutex

fjivppwgtmaazkf

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      tmpF201.tmp.bat

    • Size

      1.3MB

    Score
    10/10
    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Blocklisted process makes network request
