Overview

overview

10

Static

static

10

0bafe977cd...c4.exe

windows7-x64

10

0bafe977cd...c4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0bafe977cd4fd7ff27917e0aed453c8af46b52992553c1a975a2b7f6d2823ac4

  • Size

    74KB

  • MD5

    60a2e12c26687be2c910159d0e324829

  • SHA1

    f4aa9963bb15fd6a56f1da05fb51e80245010bec

  • SHA256

    0bafe977cd4fd7ff27917e0aed453c8af46b52992553c1a975a2b7f6d2823ac4

  • SHA512

    3dfebdf6bf65fa1d51f942a93362aeb7872f39de34836a2221075d6661ed2322c72fda8562e08e165d875ed19fcfb6c91daced5f820a50608ae5d108d5f13ed4

  • SSDEEP

    1536:2RU98cxpeaC/zPMV2UT7a3I671bI/4ev1QzcR8VclN:8U+cxp7AzPMV8D71bIgetQY+Y

Score
10/10
ratdefaultasyncratvenomrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

147.185.221.20:22308

147.185.221.20:9090
Mutex

vfravbfpvqwqeb

Attributes
  • delay

    1

  • install

    true

  • install_file

    steam.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • VenomRAT 1 IoCs

    Detects VenomRAT.

    rat
  • Venomrat family
    venomrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0bafe977cd4fd7ff27917e0aed453c8af46b52992553c1a975a2b7f6d2823ac4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections