General

  • Target

    Cliweent.exe

  • Size

    73KB

  • MD5

    77f532ac803bd6fe3004117770fbaad1

  • SHA1

    f5274da498656c1fb2b446aaec152a9a9567a6e2

  • SHA256

    36d244efe3e391bbf9a80a0d683291d791142f2e9d9846c0e69c331cf888aed6

  • SHA512

    2812ae69c7f6a030aa867e743aa100237fef256e3dc1dfcb8c588e7b3b97fbf339a46222b82e1d946fa62d6cee4182388a003f88fa4626d26035d6f105156860

  • SSDEEP

    1536:KUN0cxVGlCBiPMVbbadaIxH1b3/PFQzc33VclN:KU2cxVMWiPMV3azH1b3lQSlY

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

127.0.0.1:4449

127.0.0.144:4449

5.12.198.225:4449

192.168.1.10:4449

Mutex

fmvoxzfzoacbja

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Cliweent.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections