General

  • Target

    4232-132-0x0000000008050000-0x0000000008068000-memory.dmp

  • Size

    96KB

  • Sample

    240416-v21xjagb53

  • MD5

    8ebbb6f749d68cc766fcaf886a52ea71

  • SHA1

    026d87f96210477a005ea3a661371744d4fd1208

  • SHA256

    d641e1f4f2f9cdfdf1ff6e7d1e33e0e7cefa08b00c473ecee6e4825e557dc5fe

  • SHA512

    84858a8f8a47b5e052dd99b4ea5d521f71f279ad95e33a553ca3c3ae17b43c342efd8655d832842824eb3d487d33e587d73d12ccc93078a6d705affe7cc69fe2

  • SSDEEP

    1536:8UUPcxVteCW7PMVee9VdQuDI6H1bf/hQzcBLVclN:8UmcxV4x7PMVee9VdQsH1bfZQYBY

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

194.48.251.169:4449

Mutex

wmdekgrrot

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      4232-132-0x0000000008050000-0x0000000008068000-memory.dmp

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
