asyncrat | 070f3d73cf4c3b2c0cfbf7f1e3e8f7f659a61fafed1dcf75691b402e34f539e1 | Triage

Submit
Reports

Overview

overview

Static

static

Microsoft.ps1

windows7_x64

Microsoft.ps1

windows10_x64

Sharing

General

Target

Microsoft.ps1
Size

779KB
Sample

210607-f8b478zhpx
MD5

202491949283ca454f7a5ad9467d2c35
SHA1

ab57577bf573f33d61f279dcddbff424a2c4ba29
SHA256

070f3d73cf4c3b2c0cfbf7f1e3e8f7f659a61fafed1dcf75691b402e34f539e1
SHA512

9aac65a71ccc895b86ba115c3c899dbc7f88d153b925f03da72af10bb2dda3d014c15c9f5f333a6f18a13e5cf5f1334e95033b856c83aa19024ca5c4028cb4cc

Score

10^/10

asyncrat warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

Microsoft.ps1

Resource

win7v20210408

asyncrat warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Microsoft.ps1

Resource

win10v20210408

asyncrat warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

5.206.224.194:3080

Extracted

Family

asyncrat

Version

0.5.7B

C2

14.191.50.101:8080

Mutex

AsyncMutex_6SI8OkPnk

Attributes

aes_key
qyv1ismvAgNTQ98WMOnwHYsv8UB8SL5j
anti_detection
false
autorun
false
bdos
false
delay
Default
host
14.191.50.101
hwid
3
install_file
install_folder
%AppData%
mutex
AsyncMutex_6SI8OkPnk
pastebin_config
null
port
8080
version
0.5.7B

aes.plain

Targets

- Target
  
  Microsoft.ps1
- Size
  
  779KB
- MD5
  
  202491949283ca454f7a5ad9467d2c35
- SHA1
  
  ab57577bf573f33d61f279dcddbff424a2c4ba29
- SHA256
  
  070f3d73cf4c3b2c0cfbf7f1e3e8f7f659a61fafed1dcf75691b402e34f539e1
- SHA512
  
  9aac65a71ccc895b86ba115c3c899dbc7f88d153b925f03da72af10bb2dda3d014c15c9f5f333a6f18a13e5cf5f1334e95033b856c83aa19024ca5c4028cb4cc
Score

10^/10

asyncrat warzonerat infostealer rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Async RAT payload
  rat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratwarzoneratinfostealerrat

behavioral2

asyncratwarzoneratinfostealerrat

© 2018-2024

Terms | Privacy