General
-
Target
creative sound blaster.exe
-
Size
272KB
-
MD5
ec3968fd0cf6b025017dbb83249de6f2
-
SHA1
e1805d0f7984f46819320f2121fc67948c0cdfa5
-
SHA256
3537198ebe7eb84bea0eaf47c3955d02b7d6b0d94cef1415d25c1558191a19bd
-
SHA512
f73da223c70fe28f0f0515d17c56e3c8f2ced64894489749a9ad02822995e72429b6ab50963d84676a3de1f76d48bc5952cbb98f044376929332964fb228c509
-
SSDEEP
3072:pUTcxgTEiPMVTb3SH1bnrgYQgy9ckYMmlB/v6A80XH3e55EVu9cBY:pCEiPMVTbiVb0YS5YM6VyA80XHbUe
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Botnet
dllhost.dat
C2
147.185.221.21:5552
147.185.221.21:6643
Mutex
evyjfpsdxkkqc
Attributes
-
delay
1
-
install
true
-
install_file
dllhost.dat.exe
-
install_folder
%AppData%
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
creative sound blaster.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections