General

  • Target

    Gorillataghack.bat

  • Size

    82KB

  • Sample

    240817-bzc8xazbrg

  • MD5

    0ad188366779a1805b951b1425a2d189

  • SHA1

    12d28ddc3bd166b0e39f698c2f3bdb5f549bbcd0

  • SHA256

    c47c18e4d651aa92dc1b73195fcb3732f65bc5d756e2be4d059c18302d4521f9

  • SHA512

    c0f727ba93ab84e515c6cbad121cf0b3a994a7ff9ca44aa74ec56a89fdd436f1b666f8fb0670f9ab4231a32d2baf683a6c36b45a300bfabd24171046ae2f5c8f

  • SSDEEP

    1536:ZIO65riaIdL6rVhkck+f7YChR1bSk4sUgG2Zc3LU:ZIOi4pCUh+fx9NHTGagI

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

127.0.0.1:38173

Mutex

dyobgaczaqehqhovs

Attributes
  • delay

    1

  • install

    true

  • install_file

    gorillataghack.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Gorillataghack.bat

    • AsyncRat

      AsyncRAT is a remote access tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE

    • Command and Scripting Interpreter: PowerShell

      Uses a powershell.exe command.

MITRE ATT&CK Enterprise v15

Tasks