General
-
Target
Turbo Generator_Pictures & Drawing.vbs
-
Size
78KB
-
Sample
241212-rseq6axjcs
-
MD5
870907ad00a8f53e022f042c92727d34
-
SHA1
8789f00e533da9b0a8bd380b9264cfaefe8ff7bc
-
SHA256
6ddb80d5f672a132f45f9a0114d465aa35bb7d3b31aca5473b42a7174eb018ff
-
SHA512
32fbacd4338eced63990c4e0f7327fc3fc4282d497e95724445476f42acf8c1378238d345e5ba53afe86e39d860643657523b42cc5982832162e75cd7d68cde1
-
SSDEEP
1536:KbiY5vZc5xg80mnBAH5JQGnDc3GiXs/P0Uese0A+giS5+p:giUvQYONp3Gi8/PW0Ats
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
HP Elite
45.88.88.7:4675
gbchkhrksazddij
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
Turbo Generator_Pictures & Drawing.vbs
-
Size
78KB
-
MD5
870907ad00a8f53e022f042c92727d34
-
SHA1
8789f00e533da9b0a8bd380b9264cfaefe8ff7bc
-
SHA256
6ddb80d5f672a132f45f9a0114d465aa35bb7d3b31aca5473b42a7174eb018ff
-
SHA512
32fbacd4338eced63990c4e0f7327fc3fc4282d497e95724445476f42acf8c1378238d345e5ba53afe86e39d860643657523b42cc5982832162e75cd7d68cde1
-
SSDEEP
1536:KbiY5vZc5xg80mnBAH5JQGnDc3GiXs/P0Uese0A+giS5+p:giUvQYONp3Gi8/PW0Ats
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
Asyncrat family
-
Async RAT payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-