Overview

overview

10

Static

static

10

Chaos Rans...v4.exe

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Chaos Ransomware Builder v4.exe

  • Size

    181KB

  • MD5

    2ac325657ea62cb8e135bd6871f9e4d7

  • SHA1

    0b5415559880c6f0e411d734e7efb3f7ed714efd

  • SHA256

    8a56c729037b05fd9e8cb60737c4aef1f60dd0a46124f0e63cd6a699591e8f4b

  • SHA512

    6676975255592f3493c7977da6533b32ec742a3221a3c1bea867259366ccd54a3dc561683d8a215f202ddbbc743b636f995e369514036909c6a1f6d5af2aba4c

  • SSDEEP

    3072:Mnee941bbsYVpipXKci2YcRPm16Pn6bWz:Ae9lbsOpiAciim163

Score
10/10
ratoperation new dawnasyncrat

Malware Config

Extracted

Family

asyncrat

Version

VenomRAT_HVNC 5.0.4

Botnet

Operation New Dawn

C2

Order1776-47063.portmap.host:47063

Mutex

zQvf93Q6q

Attributes
  • delay

    0

  • install

    true

  • install_file

    svchost.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Chaos Ransomware Builder v4.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections