General
-
Target
121212121.rar
-
Size
32KB
-
MD5
5825d40a74aa55945dcb4cb25b095a6c
-
SHA1
545ee2f128c5a1cde5e936ea047549f2232acda1
-
SHA256
a10182dfa9f67897f8ba71580db6646329b4d7570f5deaea3c4ba460b72001b4
-
SHA512
914674223ba52fd8e3adad8146820c1361617832aed2713ee5ef45ecbdc0c3f45ff8f9b7857c6d1cc084fb33f5289d6bf997f6428b8c14fa273c3efb8e4d6b24
-
SSDEEP
768:Tt8vQ+FvSpxTh6pkYVurVgJpjMZrDR2aW5ShWsrfaPZmhlHUjgqN:T/VTkKYVurVgJBMZrD+EriPMhlH0N
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
192.168.32.135:4449
vbwviprpegz
-
delay
1
-
install
false
-
install_folder
%AppData%
Signatures
Files
-
121212121.rar.rar
-
121212121.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ