Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Medal.exe

windows7-x64

10

Medal.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Medal.exe

  • Size

    74KB

  • Sample

    250308-ytjj3a1yht

  • MD5

    b3ab516fff6fbed0dae9e98f2296a353

  • SHA1

    c92203842163e58e277cdbb31fb30507b6e6f019

  • SHA256

    1d293723eef1db1fa001104e3d4b20382c0f9e93edab5a700602f1ef1f05055a

  • SHA512

    2d329a0e58b840b224583db31a47872d235dc77ba6a06a74aab7165f639bf88090d5fd96da8ad3f87af9079cc9ebade5b99009bc3ccab56909e11664033a60c5

  • SSDEEP

    1536:3UEkcx4VHsC0SPMVMtfJiMIfH1bb/IkQzcGLVclN:3Uxcx4GfSPMVksBH1bb/QfBY

Score
10/10
asyncratvenomratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

127.0.0.1:4449

127.0.0.1:3389
Mutex

lrbnmovzmtoajnkwfls

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Medal.exe

    • Size

      74KB

    • MD5

      b3ab516fff6fbed0dae9e98f2296a353

    • SHA1

      c92203842163e58e277cdbb31fb30507b6e6f019

    • SHA256

      1d293723eef1db1fa001104e3d4b20382c0f9e93edab5a700602f1ef1f05055a

    • SHA512

      2d329a0e58b840b224583db31a47872d235dc77ba6a06a74aab7165f639bf88090d5fd96da8ad3f87af9079cc9ebade5b99009bc3ccab56909e11664033a60c5

    • SSDEEP

      1536:3UEkcx4VHsC0SPMVMtfJiMIfH1bb/IkQzcGLVclN:3Uxcx4GfSPMVksBH1bb/QfBY

    Score
    10/10
    asyncratvenomratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • VenomRAT

      Detects VenomRAT.

      rat

    • Venomrat family

      venomrat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks