General

  • Target

    VenomClient.rar

  • Size

    183KB

  • MD5

    cbc77b0e97fa86a07b627217f6f3a3bb

  • SHA1

    f8f7ee3e9e49d374ccb553fc152769aa32d3b6ba

  • SHA256

    1c06c3a8b59c5fbe1ffa91f8bc75191fffc8e0f0281ee4ca7899e20e3b6abfb6

  • SHA512

    cbe823df5f13e8ed31708f36af382bc66192e7fe8c487163e226ce024ecdca3029d35570a0cc67c10a8b2cfcf4c12b1ce90a278fe30d3ef1620e96406fe9565a

  • SSDEEP

    3072:jiNcrhOQ5iPkI6jIaVZBjBONAzXhtIz0h3tBbctY4Pm94HS6cNS6q9qEoWjE:nrhOQgPkI6TVDj0NAJd+67OHS6c03qVx

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

wgzvrzpksxgiaglrvq

Attributes
  • c2_url_file

    https://paste.ee/r/Wp7LQ/0

  • delay

    1

  • install

    true

  • install_file

    System.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • VenomRAT 1 IoCs

    Detects VenomRAT.

  • Venomrat family
  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • VenomClient.rar
    .rar
  • Venom Client/Venom.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Venom Client/freeglut.dll
    .dll windows:6 windows x64 arch:x64

    b70ccfef6881b859fa2bdfff26e23106



  • Venom Client/venomsba.dll
    .dll windows:6 windows x64 arch:x64

    b261d0a16bd6de82f63f2deecc4537da

