General

  • Target

    Client.exe

  • Size

    63KB

  • Sample

    240804-x89jcsxhrd

  • MD5

    730fffd38140c61bade2c837099a4f0d

  • SHA1

    615a5bd706eb2676aedaa39fc6927cecef1aae29

  • SHA256

    e61f184859c51a4c0213f7481455a711ea45b0c8f8ee241f1e32cb873c10fa28

  • SHA512

    51b1a5f9fc240a2174cb7f6e6c2874e875b5045882a5d6e8ce3584a6e343285013be3bf9a6425e0e17f18215ae6fb574a23a2317b38453c84324f457b86429e1

  • SSDEEP

    1536:SJWnX1QHsrLhSBjCeeiIVrGbbXwTPGGDpqKmY7:SJWnX1QHsrLqjbeXGbbXQgz

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Venom Clients

C2

127.0.0.1:4449

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes
  • delay

    1

  • install

    true

  • install_file

    microsoft_edge.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Client.exe

    • Size

      63KB

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE
