Behavioral task
behavioral1
Sample
msedge.exe
Resource
win7-20240708-en
General
-
Target
msedge.exe
-
Size
145KB
-
MD5
6a4ecf73deebde28f382fcfb5bec6217
-
SHA1
dd0e386f238500e74d131bda5c206509d5d07687
-
SHA256
cbf37235e35f3823287ffa5adead151873944b9d540ad4c953d29c4f8711d1fd
-
SHA512
859e185da74e2f300cc3d7e215c2cc8e3ed56db39a0de28f9589e8743fa8730377ed06d239ea18c10345f7d243b34c5f0f0a468692b2b3f9691a092aa6d38834
-
SSDEEP
3072:+UOcxHCoeGPMVhYSnu1bhnQIe5BV0WUniyimyJLY:+EeGPMVKiwb9re5v0WURyt
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
147.185.221.20:49485
geuttmzzyleqrt
-
delay
3
-
install
true
-
install_file
msedge.exe
-
install_folder
%AppData%
Signatures
Files
-
msedge.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
Imports
mscoree
_CorExeMain
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ