Overview

overview

10

Static

static

1

GoGi.bat

windows7-x64

1

GoGi.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    GoGi.bat

  • Size

    60KB

  • Sample

    240420-j6n8racc98

  • MD5

    cab2108a81d68104dd9b15efcedf8351

  • SHA1

    03852c18f75cad87f71693fb1973d9a04e8910ed

  • SHA256

    a2dfe970dc385f9aa1a81946c4bc41144d182dbddb02e37ce4c5b52c9b884aaa

  • SHA512

    e474ce03766f8e21fdb14e072144e8e1c5fa1f30e66ea4f7a05fade86bd783fb4dec65d23ab01861524959a0a029cb2112074116fdbd72d02ab4794216ed95f5

  • SSDEEP

    1536:ts4yFTt4kNLNofpmw3dU7pVcJqmJQBULYJebJaRVmMWVXUpQk8daktj2aVv0+x/:tITGkDofH27pAD8YdYFpQk88kd2aJ/x/

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

193.222.96.114:4449

Mutex

nkvohxapain

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      GoGi.bat

    • Size

      60KB

    • MD5

      cab2108a81d68104dd9b15efcedf8351

    • SHA1

      03852c18f75cad87f71693fb1973d9a04e8910ed

    • SHA256

      a2dfe970dc385f9aa1a81946c4bc41144d182dbddb02e37ce4c5b52c9b884aaa

    • SHA512

      e474ce03766f8e21fdb14e072144e8e1c5fa1f30e66ea4f7a05fade86bd783fb4dec65d23ab01861524959a0a029cb2112074116fdbd72d02ab4794216ed95f5

    • SSDEEP

      1536:ts4yFTt4kNLNofpmw3dU7pVcJqmJQBULYJebJaRVmMWVXUpQk8daktj2aVv0+x/:tITGkDofH27pAD8YdYFpQk88kd2aJ/x/

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks