General
-
Target
1379e10d0f09454dec7701917db4752dabbe57bac4381d4c9a4c105244612374
-
Size
73KB
-
MD5
af90f03a23c6af39ca50fc618b066c2b
-
SHA1
955cf4e596dd113ea97d8bd234e09cc4a4584ad9
-
SHA256
1379e10d0f09454dec7701917db4752dabbe57bac4381d4c9a4c105244612374
-
SHA512
15f383e541c3bc9c2143adda1dbfad2ca2114264a2a05d623404a8439567bd33a59136833976b4bdbebf4b0b012af39bc136b74b9ac187a3b4d9ec083e1df5ff
-
SSDEEP
1536:oUYccx4y3lCl6PMVp7TNyIB21bl/5OdxQzc33VclN:oUlcx4yVy6PMVp7Bl21blCQSlY
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
Venom RAT + HVNC + Stealer + Grabber v6.0.3
Botnet
Default
C2
147.185.221.20:46193
Mutex
tesargwffegsrgdrtgr5eg4re5gy756u6j7
Attributes
-
delay
1
-
install
true
-
install_file
12345.exe
-
install_folder
%AppData%
aes.plain
Signatures
-
Asyncrat family
-
Detects executables attemping to enumerate video devices using WMI 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1379e10d0f09454dec7701917db4752dabbe57bac4381d4c9a4c105244612374
Headers
Sections