General
Target: WindowsDesktopGraphics.exe
Size: 74KB
Sample: 240601-s4smtsgd84
MD5: 33f354fd83e3b7cfc9dec200a8cee01d
SHA1: 43cc469faf3e45ea118af98a4bea80e68946b542
SHA256: 130d9a370a0719f5012e4f12ae8e023b40cc80357ac235f9bed60bfd7acf9297
SHA512: c2551ebf93a6719896d486440409bbea60c166e26fc21a622b869bcf5041225643aa5c35d108e12fe857a893e1fe21e9238d556b586f93927cc7339b716abdf9
SSDEEP: 1536:cnUiwcxea0CTmPMVHbYn+IYH1bw/HkQzcuLVclN:cnUjcxeFImPMVHbYgH1bwcQnBY
Behavioral task
behavioral1
Sample: WindowsDesktopGraphics.exe
Resource: win7-20240508-en
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
10.8.3.238:59656
ewrxangf8ytS^T^WDRgsudwfg
delay: 1
install: true
install_file: windowsdesktopgraphics.exe
install_folder: %AppData%
Targets
Async RAT payload
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE