General

  • Target

    b8f4ac566b9f8e80a217c4a755fc01edd6d4e26cce05b4d777d44ae123d2da8a

  • Size

    74KB

  • MD5

    5692fcc767e235760e3afb368543ed44

  • SHA1

    f56ffbee5250aa872e5e2db18bd5a9357e26a2d3

  • SHA256

    b8f4ac566b9f8e80a217c4a755fc01edd6d4e26cce05b4d777d44ae123d2da8a

  • SHA512

    4b533ad6456bc760bf6840214d675efed7fe59dd31f928118e9e648a53418e1eb8354f0bfb9b202c086c066951155187db1b356041fb7a4efe777f2c608f5a3e

  • SSDEEP

    1536:gUUPcxVteCW7PMVU7zOsMdIfH1b//8AvOyJ6QzcyLVclN:gUmcxV4x7PMVU7zOsMQH1b/RlIQjBY

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

127.0.0.1:1337

Mutex

05chQ1ux@

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • VenomRAT 1 IoCs

    Detects VenomRAT.

  • Venomrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b8f4ac566b9f8e80a217c4a755fc01edd6d4e26cce05b4d777d44ae123d2da8a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections