General
Target: CryptoJacker.exe
Size: 10.6MB
Sample: 240623-v5brta1hkk
MD5: d8a30735aa4702e200ed432d223c3ad8
SHA1: fa144148c226a9d08e1d1179cfa60597d4f08cac
SHA256: 24aeb855ead570407cef3835b4e5ac516e9ec8dd1d0105662727e4f12082b3d2
SHA512: cbc030dd159172c2448554393caeb8b0c910d302dec1edc3a719c47be01bb90a4c243d1d15f0cbfebaf0e016cebec7e5c173c4d5cdd27ffdb557716f2071014a
SSDEEP: 196608:g0Kn9PL3A8tKCn4bwcfAjSNgeQ4ZhseG0j73cQIqW3yiFoNWpPm4Q:/KnZQ4n4Z5Ve0PJIf3rFXdm4Q
Static task
static1
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
10.0.2.15:9090
10.0.2.15:52033
147.185.221.19:9090
147.185.221.19:52033
yigdzohbebyxyvvzbc
-
delay: 1
install: true
install_file: Steam.exe
install_folder: %AppData%
Targets
Target: CryptoJacker.exe
-
Async RAT payload
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.