Behavioral task
behavioral1
Sample
Client.exe
Resource
win11-20241007-en
General
-
Target
Client.exe
-
Size
73KB
-
MD5
16df4c5cd796674b00ce1057951723de
-
SHA1
b3e9b12be9137cbe47be8efc0cafe41ff5a1a8a9
-
SHA256
831e0d88c9a9e96dc0ce0b979ca353ec40925673f3fcc51267d9d1a6cdc11a33
-
SHA512
770a8ce19d10ab145ae1751c3f4fb7d6fe041fe451a30eee3856e6ddaff6bfa0bea79c1f023e56993ae7ba3d5718bcdd78b4acc22f6badf31ec75f081e65cc6f
-
SSDEEP
1536:wULkcxVKpC6yPMVKe9VdQkhDIyH1bf/S6xb2SQzc33VclN:wUocxVENyPMVKe9VdQgH1bfKG2SQSlY
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
zabblfdkiqcnixcr
-
delay
1
-
install
false
-
install_folder
%AppData%
-
pastebin_config
https://pastebin.com/raw/sG1KxVNw
Signatures
-
Asyncrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Client.exe
Files
-
Client.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ