General
Target: kam.cmd
Size: 82KB
Sample: 240523-w8xdcscb25
MD5: 0c9dd4a4644d5271be6bf540daccb191
SHA1: 452415383fd54926ce19f8f78258dc57d87c98ef
SHA256: c993fe19772483493944a04b83c5842049b2ddf5f4f2289f7ecd67d1245658e0
SHA512: 194d82615358dfc579e508768e2b2e3357069ea626cf90415f58459943a147e0c58d600091bf8840c1e06db9962ca01b3cd2cf9f1ee3d6685bd8d62a6219eab5
SSDEEP: 1536:cHkGj8vp9NrhTu1iCrjNk9CRsphfkA0tNJxCK9dLbw3/4cLT4H/INmxklg:cHB8nrhTu1L8CRsp+RtIK4v3nUcM
Static task: static1
Behavioral task: behavioral1
Sample: kam.cmd
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: kam.cmd
Resource: win10v2004-20240508-en
Malware Config
Extracted
asyncrat
5.0.5
Venom Clients
undjsj.duckdns.org:8890
Venom_RAT_HVNC_Mutex_Venom RAT_HVNC
delay: 1
install: false
install_folder: %AppData%
Targets
Target: kam.cmd
Score: 10/10
Async RAT payload
Blocklisted process makes network request