General

  • Target

    Client.exe

  • Size

    75KB

  • MD5

    0cc47ff18d0e3298f9beab60d3aa579e

  • SHA1

    67c3020a046707cbde4dea02352272d6e6b77189

  • SHA256

    87dc5fec26bd15e8a2d4d47a3d29b8fe43be265666770bdecfb496c77c0e3212

  • SHA512

    e0f0627aa715665a27e3b505af264c3c2500b9414764d028fa0ecba0dc979a187f75baf4f97b4793b31325dda65310d8a3e3eccfe676b1f7b13e47334b5fe5b3

  • SSDEEP

    1536:fukU0OSeCX/PMRkYKt2OlY6H1bf/i7AkzkiLVclN:fXUHjAPMRkYv4jH1bfVk7BY

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

51.254.53.24:4449

86.68.222.14:4449

Mutex

ygfmgwcmzefwhl

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • VenomRAT 1 IoCs

    Detects VenomRAT.

  • Venomrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Client.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections