General
-
Target
Sysnapse X Revamped.zip
-
Size
225KB
-
MD5
323b9e8fb01cc05ac63ec8ac44de0c7b
-
SHA1
6d46c608f2816146fed96cb9b83698ffc3d83f44
-
SHA256
736ed20fa445914a74981a8478c4453214fc2500c1fcc3d584e6a7aa2e07dec2
-
SHA512
d3b3ef8992e0b74f261bd9c9d871c9b790a77d10c6716d45c725414ef787f9d80f9536dd2b18c7bba3055abc888491cd08d2d4d8f2b67ce1dc31d1cc92814d10
-
SSDEEP
6144:ECd8YPs5BVTckfu5hysrPKawiaE7vZ+iV5hy7tNqH:Eqs5XTFfuOwwfEbNrOG
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
84.66.59.196:64627
192.168.1.143:64627
192.168.0.28:64627
sefujhbsefuhgsdfhuigserfusaefaeddf
-
delay
1
-
install
true
-
install_file
taskhost.exe
-
install_folder
%AppData%
Signatures
Files
-
Sysnapse X Revamped.zip.zip
-
Sysnapse X Revamped/Sysnapse X Revamp 2.8.1.2.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 426KB - Virtual size: 426KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ