Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
18/08/2024, 18:42
General
-
Target
46173d25c61f353cb1c5047b6108cae5d4eb30bf24e9981dfc94f78b85f92c69.exe
-
Size
73KB
-
MD5
27653cc5fe7648b0055edbf486cff863
-
SHA1
8afcabe5a089dd089431eb9ef15084019a50735a
-
SHA256
46173d25c61f353cb1c5047b6108cae5d4eb30bf24e9981dfc94f78b85f92c69
-
SHA512
05a766bb2a334ed099e1be65a6201eb984a4b8ad07134b9e8f19f101247c4f22194e1a45ad7b75f36af3702c33a248154974d960d5710c8916b967d251efc05e
-
SSDEEP
1536:LUUPcxVteCW7PMVee9VdQkhDIyH1bf/LEQzc33VclN:LUmcxV4x7PMVee9VdQgH1bfDEQylY
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Botnet
Default
C2
103.252.93.30:4449
Mutex
jaxvjfwhmxamotc
Attributes
-
delay
1
-
install
false
-
install_folder
%AppData%
aes.plain
Signatures
-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
VenomRAT 1 IoCs
Detects VenomRAT.
-
Suspicious behavior: EnumeratesProcesses 8 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\46173d25c61f353cb1c5047b6108cae5d4eb30bf24e9981dfc94f78b85f92c69.exe"C:\Users\Admin\AppData\Local\Temp\46173d25c61f353cb1c5047b6108cae5d4eb30bf24e9981dfc94f78b85f92c69.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
88KB
-
Filesize
10.8MB
-
Filesize
8KB
-
Filesize
10.8MB