Overview

overview

10

Static

static

10

1196-33-0x...ry.exe

windows7-x64

10

1196-33-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1196-33-0x00000235B9350000-0x00000235B9368000-memory.dmp

  • Size

    96KB

  • Sample

    240420-kje71add2w

  • MD5

    3ac7d139cda6b3492652dfe0f136b94e

  • SHA1

    a3839591812d56a0fe980c4f13f8fe357a65a07f

  • SHA256

    698f8699ce151a64709b33c38ff3f5c5b23da19b99c4e11120fcfa5c6d241b06

  • SHA512

    c3a2439e00513ba8de780bc34a0fa008a95af0d0a25f5634afea1251e712b4a69cc65f75ef95e0ba7d0d22426c841f6b9298767bb830943d1c4e67b4355b275d

  • SSDEEP

    1536:UUUPcxVteCW7PMV5xSFymJk4IWH1bF/hAa0QzcWLVclN:UUmcxV4x7PMV5oHFH1bFQQvBY

Score
10/10
asyncratdefaultdiscoveryrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

193.222.96.128:4449

Mutex

nkvohxapain

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      1196-33-0x00000235B9350000-0x00000235B9368000-memory.dmp

    • Size

      96KB

    • MD5

      3ac7d139cda6b3492652dfe0f136b94e

    • SHA1

      a3839591812d56a0fe980c4f13f8fe357a65a07f

    • SHA256

      698f8699ce151a64709b33c38ff3f5c5b23da19b99c4e11120fcfa5c6d241b06

    • SHA512

      c3a2439e00513ba8de780bc34a0fa008a95af0d0a25f5634afea1251e712b4a69cc65f75ef95e0ba7d0d22426c841f6b9298767bb830943d1c4e67b4355b275d

    • SSDEEP

      1536:UUUPcxVteCW7PMV5xSFymJk4IWH1bF/hAa0QzcWLVclN:UUmcxV4x7PMV5oHFH1bFQQvBY

    Score
    10/10
    asyncratdefaultdiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks