General

  • Target

    Client.exe

  • Size

    63KB

  • Sample

    240626-ywph4a1dlb

  • MD5

    8d72756b3a12675e8bf41d4961d457f1

  • SHA1

    69c10dd8d6853939920df2cc1ce045cd647b40a2

  • SHA256

    f3df12506f66e8cc2f7d16f4a344dc8a887489667f34a371a82ecf98f64cdb0e

  • SHA512

    116f0504fa881b076b26298063dae2a341401a3e454a306fddfca5f33abc91d47c733fd064e881a43c33a11b9678d4e7a6226a1b2e4c4797a13d8543e64ecd49

  • SSDEEP

    1536:yJNXXlloMdexiOzSeeiIVrGbbXwELqG2DpqKmY7:yJNXXlloMdeFzLeXGbbXcgz

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Venom Clients

C2

127.0.0.1:4449

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes
  • delay

    1

  • install

    true

  • install_file

    nigger.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Client.exe

    • Size

      63KB

    • MD5

      8d72756b3a12675e8bf41d4961d457f1

    • SHA1

      69c10dd8d6853939920df2cc1ce045cd647b40a2

    • SHA256

      f3df12506f66e8cc2f7d16f4a344dc8a887489667f34a371a82ecf98f64cdb0e

    • SHA512

      116f0504fa881b076b26298063dae2a341401a3e454a306fddfca5f33abc91d47c733fd064e881a43c33a11b9678d4e7a6226a1b2e4c4797a13d8543e64ecd49

    • SSDEEP

      1536:yJNXXlloMdexiOzSeeiIVrGbbXwELqG2DpqKmY7:yJNXXlloMdeFzLeXGbbXcgz

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

    • Async RAT payload

    • Downloads MZ/PE file

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks