General

  • Target

    2460-32-0x00000206CD3F0000-0x00000206CD408000-memory.dmp

  • Size

    96KB

  • Sample

    240415-zbnxhafe88

  • MD5

    8cd1b51e66dbfc42b7aa1a1563adab9c

  • SHA1

    d1e387861b52acf00bd899999f13bc747f845603

  • SHA256

    b9c257a387dc7c9fd5de1d2c3e1ca5718fb01a42325d7d65658c031db0807b84

  • SHA512

    25722fedc80b6d754c1c928af7a0df3bdcc65696629d929b6f63c9b6eca5455c37718e2c362986cdf6f58cd3f4dac187f7583ad9eb47a8a667c51d15c333db3c

  • SSDEEP

    1536:UUUPcxVteCW7PMV/Qb0I0H1bP/chkdQzcWLVclN:UUmcxV4x7PMV/Q6H1bPvQvBY

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

193.222.96.41:4449

Mutex

nkvohxapain

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
