Extracted

• • Target

    94917200997082_20250101_20250211_404111.bat

  • Size

    207KB

  • MD5

    58234103928767a4be6e3ecc93b24887

  • SHA1

    f624ccc81ee70acf99226cf037a2860d1ad9fa0e

  • SHA256

    ea3a820ce7d9424ff53882a56b65ce712ec27c09fa9e9149ee7339d67f296b9f

  • SHA512

    3a3bbe14d0c8971698d2d53fc22bb0c28e97d9f5cdce4042290261d2f8da1e9bd1de3d2260958423535fb5f6a5f704cb74ca74038c8e8b5658c05dda82cbac9d

  • SSDEEP

    6144:nojU+S5xN0iICHfi26DqDB3rN/Bei2463e0yEFJn:yUP53VHf1HDB3rN/Bei2463e05

  Score

  10^/10

  discoveryexecutionasyncratvenomratfeb 27 logsrat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Asyncrat family

    asyncrat

  • VenomRAT

    Detects VenomRAT.

    rat

  • Venomrat family

    venomrat

  • Async RAT payload

    rat

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Using powershell.exe command.

    execution

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1behavioral2