General

  • Target

    server.exe

  • Size

    74KB

  • MD5

    f3824e9850d28d25460601d337621934

  • SHA1

    557f4b1d615e650d8460171b86e2e860c4f91382

  • SHA256

    3e00cf0db46eff8e2a3600dea67c6490b69acb0c7db49dce472b506a9a03ee79

  • SHA512

    6754e19640341bf306de9ab4b6d6fee7d6b625149bdad4a6dca070dd2e680eee0ab3c5a0fdd06a875b494995372bc1d11f326e85ad7051a651f3ea1912561e7b

  • SSDEEP

    1536:gUUPcxVteCW7PMVMrKrnYgIgH1bz/8sigQzcyLVclN:gUmcxV4x7PMVMrKrvH1bz0gQjBY

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

192.168.209.128:4449

Mutex

otzkziwhmtdbiw

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain
1
tFI97aRjffLelNlqiDIDeHWRiw2rxRGM

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

