General
-
Target
NewLauncher-1.8.0-windows.exe
-
Size
183.0MB
-
Sample
250301-kl2h1sxlt2
-
MD5
8f703a5bf5fd22e0a95c4191c043af2e
-
SHA1
2f222f5ce7926c4f796a30c3360fd346ecbf5937
-
SHA256
92cdabb6c06e8de4418d275510af29a8c22c15bf0d88a9eb01b6e51d92ba6581
-
SHA512
0d75da3331521d8c23df6667b5bb0ef9bdabd2f063f0d3797111fb1ae7b207218afceb132722f896299d92318c738b8e14a724e30f68b98e9157ce46fee82c0f
-
SSDEEP
3145728:fOy351kAICN/G2NoWZQ/SVSARwqNsJjMSPapNNnMeaILH/p0OTfSG7jG4OPJZP:fP35O1v2NokjSAXNgjM6kNNMJupJz0P
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
37.150.21.234:2121
wxyogxumgseekcjhmof
-
delay
1
-
install
true
-
install_file
syswow64.exe
-
install_folder
%AppData%
Targets
-
-
Target
NewLauncher-1.8.0-windows.exe
-
Size
183.0MB
-
MD5
8f703a5bf5fd22e0a95c4191c043af2e
-
SHA1
2f222f5ce7926c4f796a30c3360fd346ecbf5937
-
SHA256
92cdabb6c06e8de4418d275510af29a8c22c15bf0d88a9eb01b6e51d92ba6581
-
SHA512
0d75da3331521d8c23df6667b5bb0ef9bdabd2f063f0d3797111fb1ae7b207218afceb132722f896299d92318c738b8e14a724e30f68b98e9157ce46fee82c0f
-
SSDEEP
3145728:fOy351kAICN/G2NoWZQ/SVSARwqNsJjMSPapNNnMeaILH/p0OTfSG7jG4OPJZP:fP35O1v2NokjSAXNgjM6kNNMJupJz0P
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
Asyncrat family
-
Async RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates processes with tasklist
-