Overview

overview

10

Static

static

10

70de5813ac...85.exe

windows7-x64

10

70de5813ac...85.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    18-08-2024 18:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    70de5813ac90e41f22f97516424e6e1b353b65fde608c70b21219af9972afd85.exe

  • Size

    74KB

  • MD5

    b837afe03feca319c2c439eb4e376cd8

  • SHA1

    21ef92c3333a409db5d7c64595ac1d86b711e0f7

  • SHA256

    70de5813ac90e41f22f97516424e6e1b353b65fde608c70b21219af9972afd85

  • SHA512

    7bc9018597ec6f056ce33031797581090d6f8c27797772e61b0a83d31d02d498d1f028051567f4db305c4c7279536548195af79e2dbfe5e17002acee36d768a0

  • SSDEEP

    1536:1ULkcxVKpC6yPMVKe9VdQuDI6H1bf/pg+Z9QzcGLVclN:1UocxVENyPMVKe9VdQsH1bfh/Z9QfBY

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

ggfyweqqljvcezmyu

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.ai/raw/firninryz6

aes.plain

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat
  • VenomRAT 1 IoCs

    Detects VenomRAT.

    rat
  • Suspicious behavior: EnumeratesProcesses 41 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\70de5813ac90e41f22f97516424e6e1b353b65fde608c70b21219af9972afd85.exe
    "C:\Users\Admin\AppData\Local\Temp\70de5813ac90e41f22f97516424e6e1b353b65fde608c70b21219af9972afd85.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2280-0-0x000007FEF6133000-0x000007FEF6134000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2280-1-0x00000000001A0000-0x00000000001B8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2280-3-0x000007FEF6130000-0x000007FEF6B1C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2280-4-0x000007FEF6130000-0x000007FEF6B1C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2280-5-0x000007FEF6133000-0x000007FEF6134000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2280-6-0x000007FEF6130000-0x000007FEF6B1C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2280-7-0x000007FEF6130000-0x000007FEF6B1C000-memory.dmp

    Filesize

    9.9MB

    Download