General

  • Target

    7873d35d4c9ed8188f0a96466c30c704a0c6b327cc8be398d9ed1cd1df26a289

  • Size

    74KB

  • Sample

    241005-mzlqtsveka

  • MD5

    db502a66ed6eba1496277893356009a3

  • SHA1

    7a298afae8c4523dc51245d0d9a5aa8d2a1bfe3e

  • SHA256

    7873d35d4c9ed8188f0a96466c30c704a0c6b327cc8be398d9ed1cd1df26a289

  • SHA512

    e6a1c0d25da04d9ee68df5aeab7eaa8d695d8f73031d23b1aaf275dc57cb84784f0d2cc13e670c67676df7c53afdfdc3f653315a5c119584b4790267391346c3

  • SSDEEP

    1536:1ULkcxVKpC6yPMVKe9VdQuDI6H1bf/ISCQzcGLVclN:1UocxVENyPMVKe9VdQsH1bfwSCQfBY

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

frirxjguotjierkd

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/E41BUzEu

aes.plain

Targets

    • Target

      7873d35d4c9ed8188f0a96466c30c704a0c6b327cc8be398d9ed1cd1df26a289


    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • VenomRAT

      Detects VenomRAT.

    • Legitimate hosting services abused for malware hosting/C2
