General

  • Target

    S-500-RAT-Cracked.zip

  • Size

    72.5MB

  • Sample

    240821-f69mxawajm

  • MD5

    a0c633eb51f2f407a0bdb4fe0b939ade

  • SHA1

    f3449c01ede19482b02c9bcf4b164230baa1cfe8

  • SHA256

    3e21b76182ccda706b968b15fff51cbd897656a002b06ec8c941301008e463e9

  • SHA512

    e5486e8e17470595acef7c89c9667b33bfe6dfed134eb8eb750e1128081c65081ea32daab7a5b93a8c7a8a1f534bb31902f04c23ff2646ec94a2247cc4e2aac9

  • SSDEEP

    1572864:yqhnTSHJZwGDChyevXPkIeR1dhQrpQrIQr7Qrf7pjOg1:lhIwG6YllqrSrXrMrfdT

Malware Config

Extracted

Family

asyncrat

Version

Venom Pwn3rzs' Edtition v6.0.1

Botnet

Default

Mutex

oevtobrbpcmpahavl

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/LwwcrLg4

aes.plain

Targets

    • Target

      S-500-RAT-Cracked/.peu/New Project 1/src/PebApi.inc

    • Size

      2KB

    • MD5

      1ed2608e8fefbe2b4978a257d456b866

    • SHA1

      134a2608e5f07b8637d44538676e64ffc605a27f

    • SHA256

      075326d282390e14e558adf21ef184e24eff05d6c5a69233219cc48ba751bc3f

    • SHA512

      ff9550cdee02af07909e3a8d5c2192b3b480b96098bc95e0b0d27b50287728d58bd24391ffe1c8620e38f303bd70db4cfce90be872e48e284e632a71f40957aa

    Score
    1/10

    • Target

      S-500-RAT-Cracked/BouncyCastle.Crypto.dll

    • Size

      2.5MB

    • MD5

      3551343fab213740bbb022e3a6dcf27b

    • SHA1

      de67fb4f9d58db4a860a703c8d1f54ff00ff9b1f

    • SHA256

      5530dff976bc0c889076b97ca695bdb97ef07f63449d32f893ed32398ed8bfe6

    • SHA512

      e90f51053e1d4b0ea1f7458229de92174abf0781c766290da4de5cc8dfcfb730998252bf28b36ca5070978fdcea8b97f0aea6a47b875dd34173643ac0cb46c42

    • SSDEEP

      49152:3CTzhVM0AU5d3UOhq8hmReOUJfd5T3D+VTQlgQeCKbu9kQLO0:GwU5d3vhzhmoOmfd5rqX0

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Compression7zip.dll

    • Size

      40KB

    • MD5

      cbc44e5fc144b9e998b1d98452a87c06

    • SHA1

      b1dd5c67f1e37bf1b40ca5abb031899a09798b1d

    • SHA256

      1c167173ee4f36732bec73ac19fd774b3bd606c8c5d46cd35194093f642b711c

    • SHA512

      38fce2c86225115d7aa19fadb5567fbfee4a75e30a93440d0ae0ca800767ad27e3689de0a9a953f79f5bfa16aba5ad232cad4154889f510b51ef32185f6a4fdc

    • SSDEEP

      768:eGDJdsdPCIxoHXNo2/z/heU/FLlPRnHdytMnRixGpiLuqAdIkUlGAxrID/Pve7E9:tDJdT/9eU/FJZnvBhq7k1Xve72

    Score
    1/10

    • Target

      S-500-RAT-Cracked/FastColoredTextBox.dll

    • Size

      298KB

    • MD5

      020afdfc4f034027354b9f33fe0900cb

    • SHA1

      cf323c82de0ce24147033008d086a380a9f04868

    • SHA256

      8f9d26773e9a13779c4e1cd498ba484f31d2459df4cdfbb274919c316a8825b0

    • SHA512

      02c97d3361a365396b6eab5d09213330609f37a6f233d86fd7cb9859d1e7622a9d81d2a9201223703f510974d42a97596b16d0945cd34ba1ecd31d3760c68ea8

    • SSDEEP

      6144:Z/P+T2FFt0aWXsA7m25bmxbLampiI/nlsqJLDd5eNrgs:J+TuroVmRlb4IvZeNs

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Gry73.dll

    • Size

      45KB

    • MD5

      b3d076f3125fa03d8f97a9fef0b42a5e

    • SHA1

      3f4ef3de41a8f3b7adcf79cc031fb4de12265304

    • SHA256

      21f68f41aadfc44c994ef9a4394d910250a4c9e43f4d8c43b3015f5390014819

    • SHA512

      27ab2e34c44a720a6f836d5892dcf1cb426bc20bced7e218799a7d6cf57b5e1e8719e3bb580a5d1be623e91a5e9333298541395d774bf6af4fdeacf855867f13

    • SSDEEP

      768:PX5Ii8RZqHCPLq6vt/3pjsK/ZvT+T84o4snonmeTz6dXJyZ:PX28CDq63pjsKtaT8nXC/TkXJi

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Guna.UI2.dll

    • Size

      1.9MB

    • MD5

      0f07705bd42d86d77dab085c42775244

    • SHA1

      7e4b5c367183f4753a8d610e353c458c3def3888

    • SHA256

      cf9b66e11506fa431849350c0cb58430a71e5ec943d2db9ef1b2e2302f299443

    • SHA512

      851b1a4c470ee7fe07ce5619c16fd391428585926c5b559694a9e445633ea51ec86c74a3bbf3bce39d943c4bf714dad2fd3c4a4d0703be2333541c79a2ee97f0

    • SSDEEP

      24576:m8Yq6KN2liAVp0j4DuJPbTzcH7DlktjfEzgKxGgcKM8Q3xajfgY236RYgPNsP:drCqfE0KctKM8Qv6RYgPY

    Score
    1/10

    • Target

      S-500-RAT-Cracked/LiveCharts.Wpf.dll

    • Size

      212KB

    • MD5

      e924f79f0b5f3e79c98477d75831813d

    • SHA1

      64f71e20e1953b13c771d8a8e63549ad6d64216e

    • SHA256

      1bdbb1b5c1a50653e5c26161e9b7c03edc518721a6e10ea180a84049d967106b

    • SHA512

      063e9bdbdaf0accb46cef5fdb98b30a97b8a6ba097a80d43a9799ff73e820d1c56d41ca9f71d94497736e3def7fbd0109db4000ab1d9e46cdc96357bf3e15fd1

    • SSDEEP

      6144:d/vd0eaDQcUc0GkiTV3bkACA3AloBtefVt+aA2xgKPo1zlW1w:vaErjGkiTV3bkACA3AloBtefVt+aAGBF

    Score
    1/10

    • Target

      S-500-RAT-Cracked/LiveCharts.dll

    • Size

      148KB

    • MD5

      9642899636959b7fc89bf34a8b998a90

    • SHA1

      479a0254d1c9e5565c7d861bb77f54b7eae50c96

    • SHA256

      9fcf89837b60f69c1c501e4cfa4d2860887afd0b8f325803367e795a4e3bc9ca

    • SHA512

      435dccb57ff3e9d0663770768c866838b19fbaa5b8e79de0ca111d9c73276f016e016d1d268f72cf3435ecac122039764fada952e1a4f68f368b492bb866c9a2

    • SSDEEP

      3072:saegvMNVoz3Vlw6/R3z3MV1IdJJGVKWHC2KdxFFT9lzo:VFJlwYMVWY65z

    Score
    1/10

    • Target

      S-500-RAT-Cracked/MetroFramework.dll

    • Size

      345KB

    • MD5

      34ea7f7d66563f724318e322ff08f4db

    • SHA1

      d0aa8038a92eb43def2fffbbf4114b02636117c5

    • SHA256

      c2c12d31b4844e29de31594fc9632a372a553631de0a0a04c8af91668e37cf49

    • SHA512

      dceb1f9435b9479f6aea9b0644ba8c46338a7f458c313822a9d9b3266d79af395b9b2797ed3217c7048db8b22955ec6fe8b0b1778077fa1de587123ad9e6b148

    • SSDEEP

      6144:M4S7k5hdCpU4YqfkUGz6KpQQZQHDXjNCdOZgLdL5DXBK:M4S7k5hdCEQHP1Zgj

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Obfuscation.dll

    • Size

      22KB

    • MD5

      0dac4ba4180115bcbafced522b94970a

    • SHA1

      d70457578f3e0db24ecab84323854c7c7a724f61

    • SHA256

      8cb9ede1fd8c60691503b77c3ef52b35881a2555057cb5557341cd8c89e752de

    • SHA512

      b27329c07ed0f671aa109cdd49d2c32d84031dc64a290f9447864aee0975cc0662179f0c684c5feacb6ca7f99b9eb483bbc74a79234c741f69efeff76ad0c87a

    • SSDEEP

      384:KTvtklEbiXejlVExwehhLzb5s5TbRRyLGv4Jv7ZEIbioxY:lEbiSPExZhV4BvQzZE/oxY

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Plugins/ActiveWindows.dll

    • Size

      27KB

    • MD5

      11667dcbb0c3f4a2cabbb7e749abb8e4

    • SHA1

      aa265341eabf7a2b7f87aff44bcd74cd018fb5f9

    • SHA256

      3b67b9994db3b22a1ffe4c5ac7be974d1470e9892c0ce2fdc4aa1fdce6529f04

    • SHA512

      04c6e179f11866e83d6fc931585e35314496a9df2420f3d10ef007a7f8ede282ae3ba30f704c67dc5f8702a8d7cdf8aca759df6df0d0bac4bfbbc599b5e88ba1

    • SSDEEP

      768:D2uI+GQ6Ztlf/Ws8NXtu8qzDi/NxnTj07Hg9RBZw/Bo:CrFZn98Ndu8qzDi/PnPcHoRBuZo

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Plugins/Admin.dll

    • Size

      31KB

    • MD5

      fc4a2c1fe09bad3c45b1667dbc5ee1e3

    • SHA1

      c8b48aeebc2701b604519860c8eb58d7d60b0523

    • SHA256

      af2ec6aececa142de44371908980aa041ce3d51e4ccae151fcd86a7db8b2a384

    • SHA512

      dab8dda902d1e05f63a8ac9cb4afae8d204d2d678aa5a9def15495297787df3d75d21ae035cc24a80a7edd5bbd939727aa7feea217c2f4896073956e13b0792d

    • SSDEEP

      768:eRgZyI4Ph/U6d0vZxnrXCzt1tqvlbZQHX477fQtPS5j4p:fB4PzNil164cp

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Plugins/AntiMalware.dll

    • Size

      29KB

    • MD5

      5597ca467d7b6e8ba3571c4bb052b586

    • SHA1

      375ae43aa132d705c392253fe08139d996a10a31

    • SHA256

      cd7ce00deaca14e500ab16c18164f11483a04b9e9b5ab5c6cdf87df42fefe608

    • SHA512

      c8938c27019ebd1d55502ac66c21a22219f815a11640d3380c00733afa4ae850860d47c3e2a47bbd4651f3267d0d5343f484dcf36653fcde64c12215f615f382

    • SSDEEP

      768:kWJR0JPaDQbRvCYIVkFIY8B1VV123MhsLiYlsU:VJIbRUVJXV0l2ef

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Plugins/BotsKiller.dll

    • Size

      7KB

    • MD5

      30e2fb2bc2a5860fd32fafb285401ee1

    • SHA1

      57f9f8814bea72c06ca924ec08455b8aac351112

    • SHA256

      44c3d6fb2e8bbc241955524bdaca1b6a90548e8769b9945cee50ba1fb35041ca

    • SHA512

      bfce9a9700d298fded24502775c6508cee31a7e2d65e66bb1a1c9016b1e8e7c173c7f2607e295843afda49aa02070b2e75b60e51b4b3753c4105de87edc6924c

    • SSDEEP

      192:JwOwaWTCJfRyRmvXHMFd2OsOGd/l4oI5/rodYHR6:JwxCJf4ZFwVhb+mW6

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Plugins/Chat.dll

    • Size

      1.7MB

    • MD5

      88c29a6120e7ffb996ef451cf0b6ac99

    • SHA1

      3388261d1ff706d1adcd28c47cd6e6d7055c7735

    • SHA256

      9b374f56b637d01f1e9c113fc5cebe04515e01e0e5e7a309bf62134a1933f246

    • SHA512

      0d72f7a703b79ca063f31f655468410c710fb866be127ec9b360baa3c6fd7081aeb9da8e2a762f963aea54eff371fa6159ca4a922ef647b2219a29ca195e0193

    • SSDEEP

      49152:2H43LjSHwuDwnI/ZNYF1QrQg+qrR9G1j44W:yQLnIxNYF1QrQg+E9s4X

    Score
    1/10

    • Target

      S-500-RAT-Cracked/Plugins/Clipboard.dll

    • Size

      28KB

    • MD5

      b0ba61981f5f7b8ec9929e240b81e6be

    • SHA1

      36cac974e67146631bdeb0d89d5602c1b9120c66

    • SHA256

      4ffd6a2c22293204ff1d9ea606d5398ac0286a2ed4a3f251eb0f248bb90ae6de

    • SHA512

      84b228da4074545bd18df46c1dca268069066132d6f7b27a5a62ba9b770402030f4c7fcf73c980565f0b1aa47fb13f0d1fd012e06bb213580fe9bda1a650a8fd

    • SSDEEP

      768:7q23iUSHtiLxhdEvgtEGcJsU21J5+xa7QPXYt24XhdT9m:CHtijO2HZU2bsISI24xdM

    Score
    1/10

Tasks

static1

agilenet upx rat default asyncrat
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10