General

  • Target

    xxx.bat

  • Size

    61KB

  • Sample

    240415-y6pa3sfc97

  • MD5

    28de2826893ab7e1f2c97521e8fb8ef7

  • SHA1

    50a03746f808599f6ea91b176bc1621c21911eeb

  • SHA256

    40949bfd50832f026a1f9f6797c0bfa1f8b16698188fc42ca06b04340ba562c1

  • SHA512

    28f6268cb2944b2d9c76d35d0df6e23e02242bbf5d0a1556b585321a166bd3694cc2e78347d98df4ba1502d397654243ccce10b0935c92076fe12c67f688c451

  • SSDEEP

    1536:NkwiNwg9/Sdqu+PZuFehHoCWryzg8jLVJTMdqEpo/LBfG:PiNw60+PZu+ICSXGxJTE8VfG

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

193.222.96.41:4449

Mutex

nkvohxapain

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Blocklisted process makes network request
