General

  • Target

    msedge.exe

  • Size

    145KB

  • MD5

    6a4ecf73deebde28f382fcfb5bec6217

  • SHA1

    dd0e386f238500e74d131bda5c206509d5d07687

  • SHA256

    cbf37235e35f3823287ffa5adead151873944b9d540ad4c953d29c4f8711d1fd

  • SHA512

    859e185da74e2f300cc3d7e215c2cc8e3ed56db39a0de28f9589e8743fa8730377ed06d239ea18c10345f7d243b34c5f0f0a468692b2b3f9691a092aa6d38834

  • SSDEEP

    3072:+UOcxHCoeGPMVhYSnu1bhnQIe5BV0WUniyimyJLY:+EeGPMVKiwb9re5v0WURyt

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

147.185.221.20:49485

Mutex

geuttmzzyleqrt

Attributes
  • delay

    3

  • install

    true

  • install_file

    msedge.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • msedge.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections