Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    VenomRatPowershell.exe

  • Size

    129KB

  • MD5

    39d1b0477412c419929c6502084dcf1a

  • SHA1

    5c85bdc140feec7e4bb68e32af1655b15b9c57dc

  • SHA256

    580c183d3c73972da094c37768f5dff8ed723798dc4cd11a8ee65f9354e5139d

  • SHA512

    7ca6909d5b1332ab6d9a25788dc63671dcfee80df833dcce7bb0666124b3de45f0db215e8d4b8332a6de35f88a4630a664046164a693282ad105cf8233fff37b

  • SSDEEP

    3072:JUPcxu29N2PMVLvH1bR2QNjEJE4JO9sV1yZywi/PFBoY:JFN2PMVLVb0VbO9sV1yZywi/PU

Score
10/10
ratbotnetprojectasyncrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

BotnetProject

Mutex

MMMutexDon'tTryGetITByDeadSeccccccc

Attributes
  • delay

    1

  • install

    true

  • install_file

    BSOD.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/BSSw6HT3

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • VenomRatPowershell.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections