General
-
Target
1379e10d0f09454dec7701917db4752dabbe57bac4381d4c9a4c105244612374
-
Size
73KB
-
Sample
240630-xlt56awcrk
-
MD5
af90f03a23c6af39ca50fc618b066c2b
-
SHA1
955cf4e596dd113ea97d8bd234e09cc4a4584ad9
-
SHA256
1379e10d0f09454dec7701917db4752dabbe57bac4381d4c9a4c105244612374
-
SHA512
15f383e541c3bc9c2143adda1dbfad2ca2114264a2a05d623404a8439567bd33a59136833976b4bdbebf4b0b012af39bc136b74b9ac187a3b4d9ec083e1df5ff
-
SSDEEP
1536:oUYccx4y3lCl6PMVp7TNyIB21bl/5OdxQzc33VclN:oUlcx4yVy6PMVp7Bl21blCQSlY
Behavioral task
behavioral1
Sample
1379e10d0f09454dec7701917db4752dabbe57bac4381d4c9a4c105244612374.exe
Resource
win7-20240611-en
Malware Config
Extracted
asyncrat
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Default
147.185.221.20:46193
tesargwffegsrgdrtgr5eg4re5gy756u6j7
-
delay
1
-
install
true
-
install_file
12345.exe
-
install_folder
%AppData%
Targets
-
-
Target
1379e10d0f09454dec7701917db4752dabbe57bac4381d4c9a4c105244612374
-
Detects executables attempting to enumerate video devices using WMI
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-