General
Target: 0a47f8b1df726dd3e20d5356d833e33d3e1e2c6f060e25d2237074e4978369d1
Size: 939KB
Sample: 240725-w6pkqszgqb
MD5: 59993f5dccb6b65fd3afe11b786d5221
SHA1: e8004d45cd7c7fd9bb03f7e79d82dc1326d29195
SHA256: 0a47f8b1df726dd3e20d5356d833e33d3e1e2c6f060e25d2237074e4978369d1
SHA512: a2df0b39e4447ed9c9255fdc0f8bf812353c49143b22d26d760cdac8cf259773a8a6877ce1b0a0fcdc9b6cf974b49661c261f157c2372a8ab03065587ef32cd3
SSDEEP: 24576:i4EZVe0wo9pVsCwYJa/sL0vtyp14t5V9hh/fqFtpeq2wW:aevo9pVHu/214vVf0Ftp
Static task: static1
Behavioral task: behavioral1
Sample: 0a47f8b1df726dd3e20d5356d833e33d3e1e2c6f060e25d2237074e4978369d1.exe
Resource: win7-20240704-en
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.2
Default
157.20.182.226:4449
cmfpnygxzviiwhl
delay: 1
install: true
install_file: WinRAR.exe
install_folder: %AppData%
Targets
-
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Enumerates processes with tasklist