General
Target: 3.hta
Size: 12KB
Sample: 240416-vtn8rshd8s
MD5: 1813054fd92c59be0214e8f908d31155
SHA1: 3666af3fcd4dbf6d4881afb6e80841c87732569b
SHA256: 2522c6e717f20b29f38a73dc450a3ad748a14bbe86796429e50eaa672edd5d23
SHA512: 5416b8eebba6bdc80b48fb5c56e78ffa4c260e13513528022ac5f0e2f0ee5831ce3e8e55b5dbe0aadd60e782b7c69891ffd92190863aa4e218c8a5c5fa966869
SSDEEP: 192:whpDrcs3f1bF0VXd5uQ45pj3PxFtjQp2QYw:wgefH0lC5pTRo
Static task: static1
Behavioral task: behavioral1
Sample: 3.hta
Resource: win7-20231129-en
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
194.48.251.169:4449
wmdekgrrot
delay: 1
install: false
install_folder: %AppData%
Targets
Target: 3.hta
Async RAT payload
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.