General

  • Target

    JaffaCakes118_13a1264ffcc8e8ed54f849db376330ca634c3312dd1ac12e7244f6705024eaa2

  • Size

    28KB

  • Sample

    241222-zqjlbsymgt

  • MD5

    2aa07750a7efe6930bfc8ce8a9587ebe

  • SHA1

    53ff6ea7a2107db605ae65aa576c6a8660c3cf4e

  • SHA256

    13a1264ffcc8e8ed54f849db376330ca634c3312dd1ac12e7244f6705024eaa2

  • SHA512

    bdd1af1b596a79029e5326187b0465da1686c7c29561a80186ac37beca0b6be850de2f27a07136c1fad81c7d61d9b3a0f37abec26449b2453d6386849fe44b3a

  • SSDEEP

    768:zCt/kaRMSdFc2Ha25uNRppx2n/3va+9FvFdmsApvr8BcuABVpFK24YD3N:zglWgpHa25kb2n/S+9zdmsApvrkcVpvx

Malware Config

Extracted

Family

asyncrat

Version

VenomRAT_HVNC 5.0.4

Botnet

Venom Clients

C2

192.168.1.167:8080

Mutex

uJcmfciqm

Attributes
  • delay

    0

  • install

    true

  • install_file

    MicroSoftHealthTool.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Account Generator.exe

    • Size

      65KB

    • MD5

      8bfd2d2247e575781c69af466e7a72c2

    • SHA1

      2c0a8f286513e81fee033f2c626bf56c6099225f

    • SHA256

      5c3c584dac464e1ca4d38234e1178cd668cbfddc316485b9ef043057ce23f436

    • SHA512

      a9d2eb3308587000b6539aee95c77cb8e2fb56a3b426d8d862932c7a266c7b9796d239057043971218784c36dffe3a7d603596003bf2311c15c48959afb1662b

    • SSDEEP

      1536:jn1v8Ywnx3z66wEs9Dm+sl1bbsoxvom7M+asANpqKmY7:jnVwnx3zRwEI7K1bbsoLMKAWz

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

MITRE ATT&CK Matrix

Tasks