General

  • Target

    716-420-0x0000000000660000-0x0000000000FBC000-memory.dmp

  • Size

    9.4MB

  • Sample

    240622-zwnggathke

  • MD5

    10f6a258b9e6b2460fc265dbc568bedd

  • SHA1

    2d9daa8ebd9399db9d7dc1bf0dc3822f1effee1d

  • SHA256

    4cc07f2e80c9ed4e6074f125c1f6cc21c0753ed2f064be2d38c3bda339de802f

  • SHA512

    322791ea51b6ebc1ae44844d73f971dfc6b47ffc337c16bbd20d3e40d8541699febe5f984d40fa0200870377e24318e84e9b8c781249b024f0b380682692e3fd

  • SSDEEP

    98304:QrIcRkrmdkh2IS/WDk/gt6lYBR8hbLocrRKLbE+R9V+EKS9tRjNcqeFl5XODzT+Z:gZU6y8Noct+VrV1X5vT+N

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

95.142.46.3:4449

95.142.46.3:7000

Mutex

zlgcqgmshzbvhurfz

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain
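The C2 endpoints and mutex above are the two indicators from this config that survive contact with a host or a network tap, and the `install` value of `false` means this run would not copy itself into `%AppData%` (in AsyncRAT the Install flag gates the copy-and-persist step), so the folder is not a useful file-path indicator here. The following is an added example, not tria.ge output or code from the sample, that matches the report's indicators against constructed Zeek conn.log records and a constructed handle listing shaped like Volatility's windows.handles output; the log lines, PIDs and source addresses are invented (PID 716 is only borrowed from the leading number of the dump's file name).

```python
"""Match the C2 and mutex indicators from this report against constructed
Zeek conn.log records and a constructed process-handle listing."""
import json
from dataclasses import dataclass

# Indicators copied from the Malware Config section of this report.
C2_ENDPOINTS = {("95.142.46.3", 4449), ("95.142.46.3", 7000)}
C2_HOSTS = {host for host, _ in C2_ENDPOINTS}
MUTEX = "zlgcqgmshzbvhurfz"

# Constructed Zeek conn.log records in JSON-lines form; not real traffic.
SAMPLE_CONN_LOG = """\
{"ts":1719079200.1,"id.orig_h":"10.0.0.15","id.resp_h":"95.142.46.3","id.resp_p":4449,"proto":"tcp","conn_state":"S1"}
{"ts":1719079201.3,"id.orig_h":"10.0.0.15","id.resp_h":"142.250.74.78","id.resp_p":443,"proto":"tcp","conn_state":"SF"}
{"ts":1719079260.0,"id.orig_h":"10.0.0.22","id.resp_h":"95.142.46.3","id.resp_p":7000,"proto":"tcp","conn_state":"S0"}
{"ts":1719079300.0,"id.orig_h":"10.0.0.22","id.resp_h":"95.142.46.3","id.resp_p":80,"proto":"tcp","conn_state":"SF"}
"""

# Constructed handle rows shaped like a Volatility windows.handles listing.
# Named mutexes sit under a BaseNamedObjects directory, so match the last path
# component rather than the whole name.
SAMPLE_HANDLES = [
    {"PID": 716, "Type": "Mutant", "Name": r"\Sessions\1\BaseNamedObjects\zlgcqgmshzbvhurfz"},
    {"PID": 716, "Type": "File", "Name": r"\Device\HarddiskVolume2\Users\victim\AppData\Roaming"},
    {"PID": 4, "Type": "Mutant", "Name": r"\BaseNamedObjects\SM0:4:304:WilStaging_02"},
]


@dataclass(frozen=True)
class Hit:
    kind: str    # "c2" (exact host:port), "c2_host" (host on another port) or "mutex"
    where: str   # originating host for network hits, PID for handle hits
    detail: str


def match_c2(conn_log: str) -> list[Hit]:
    """Flag exact C2 host:port pairs as strong hits. Any other port on the same
    host is a weaker hit worth a look: this config already lists two ports on
    one address, so the address is the more stable part of the indicator."""
    hits: list[Hit] = []
    for line in conn_log.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        host, port = rec["id.resp_h"], int(rec["id.resp_p"])
        detail = f"{host}:{port} conn_state={rec['conn_state']}"
        if (host, port) in C2_ENDPOINTS:
            hits.append(Hit("c2", rec["id.orig_h"], detail))
        elif host in C2_HOSTS:
            hits.append(Hit("c2_host", rec["id.orig_h"], detail))
    return hits


def match_mutex(handles: list[dict]) -> list[Hit]:
    """Return one hit per process holding a Mutant whose name is the configured mutex."""
    return [
        Hit("mutex", str(h["PID"]), h["Name"])
        for h in handles
        if h["Type"] == "Mutant" and h["Name"].rsplit("\\", 1)[-1] == MUTEX
    ]


def summarize(conn_log: str = SAMPLE_CONN_LOG, handles: list[dict] = SAMPLE_HANDLES) -> dict[str, int]:
    """Count hits by kind, the figure a triage note would carry."""
    counts: dict[str, int] = {"c2": 0, "c2_host": 0, "mutex": 0}
    for hit in match_c2(conn_log) + match_mutex(handles):
        counts[hit.kind] += 1
    return counts


if __name__ == "__main__":
    for hit in match_c2(SAMPLE_CONN_LOG) + match_mutex(SAMPLE_HANDLES):
        print(f"{hit.kind:8} {hit.where:12} {hit.detail}")
    print(summarize())
```

Against the constructed data the exact host:port matches come from both internal hosts, the port-80 connection to the same address is reported separately as a host-only hit, and only PID 716 holds the mutex; the system process's own mutant is ignored because only the final path component is compared.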

Targets

    • Target

      716-420-0x0000000000660000-0x0000000000FBC000-memory.dmp


    • AsyncRat

      AsyncRAT is an open-source remote access trojan written in C#, designed to remotely monitor and control other computers; the extracted config identifies this build as the Venom RAT fork.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.
