General
Target: DataExchangeHost.sample
Size: 74KB
MD5: c52bcbc569ce2171dd1a3e7a8f2d7449
SHA1: 5693daea5949da0f24d30d66d16df54ff6e62cf1
SHA256: 818e8def4d4a4de7a10c337fc126a9ed0cc4eb0fe06dd803ea680a6dcd7003b9
SHA512: 401bdd3749d3c40fb9d1603c504038916822b7ada6629ed463261cab523cb50a1edb88f4c463db8e760b6e960c9d19d5689192100f15cff41a5c56f4689a0f77
SSDEEP: 1536:MUAngcxGtEXCrWPMVgS7S4ConIZH1bn/nLcfS/UPQzcHWVclN:MUAgcxGtkQWPMVgSPcH1bnP//WQSsY
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
94.156.8.65:8080
DataExchangeHost
delay: 1
install: false
install_file: DataExchangeHost
install_folder: %AppData%
Signatures
Files
DataExchangeHost.sample.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ