General
-
Target
23309395f893ecd390ec0cc5107968632223f44aba90a414c5e1503e48201abeN.exe
-
Size
369KB
-
Sample
241222-ntdcyawqcw
-
MD5
0d3d00dd6b3a9b921988ff04d13aff30
-
SHA1
8f5e2f7430d88187f60a3a2c130796580cea6839
-
SHA256
23309395f893ecd390ec0cc5107968632223f44aba90a414c5e1503e48201abe
-
SHA512
b2e29f911ef5c29ac4b72ce56ffbefb6613011577bbcc942511a6a5c2f8d127df884be0d2436956173d137c7cf438acddc980192723f21f536fb8caf0575650b
-
SSDEEP
3072:Nv588HEAmjc+U1B4/gjybW0z4j0+uidj2A3v1Z4voth3jLD+uFab:1EAmg++41G2gD4sPSb
Static task
static1
Behavioral task
behavioral1
Sample
23309395f893ecd390ec0cc5107968632223f44aba90a414c5e1503e48201abeN.exe
Resource
win7-20240903-en
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
51.161.12.215:4449
olzlzaglbcqbb
-
delay
9
-
install
true
-
install_file
svchost.exe
-
install_folder
%AppData%
Targets
-
Asyncrat family
-
Venomrat family
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-