asyncrat | 2686f48d8ee20bb626d990a4bc0d9d9fb62caf5f7c692442a93c695a3d739401 | Triage

Submit
Reports

Overview

overview

Static

static

RCAV01KAYUOPSH09.exe

windows7-x64

RCAV01KAYUOPSH09.exe

windows10-1703-x64

Sharing

General

Target

RCAV01KAYUOPSH09.exe
Size

300.0MB
Sample

220923-tk35wsahaq
MD5

248b22656b4f570096d43a9b1dceec79
SHA1

f0dbaf167be570b55cae61699335058cb391f14d
SHA256

2686f48d8ee20bb626d990a4bc0d9d9fb62caf5f7c692442a93c695a3d739401
SHA512

e957b674565c62cf0729ce6829c9f5d85f7e19fa889b3819f7ec375a402f95fba20004ee39c7cf7f2c52d695e079ad5fab850f85362c52e5a77649ab370d268b
SSDEEP

3072:pRmDce0sRYqkocK3leiOCv9CfXGtj/sePd4:pof0wXBcdCv9CfXGlEePm

Score

10^/10

asyncrat venom clients rat

Static task

static1

Behavioral task

behavioral1

Sample

RCAV01KAYUOPSH09.exe

Resource

win7-20220812-en

asyncrat venom clients rat

windows7-x64

7 signatures

600 seconds

Behavioral task

behavioral2

Sample

RCAV01KAYUOPSH09.exe

Resource

win10-20220901-en

asyncrat venom clients rat

windows10-1703-x64

7 signatures

600 seconds

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT 5.0.5

Botnet

Venom Clients

C2

stoo02093.duckdns.org:5029

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  RCAV01KAYUOPSH09.exe
- Size
  
  300.0MB
- MD5
  
  248b22656b4f570096d43a9b1dceec79
- SHA1
  
  f0dbaf167be570b55cae61699335058cb391f14d
- SHA256
  
  2686f48d8ee20bb626d990a4bc0d9d9fb62caf5f7c692442a93c695a3d739401
- SHA512
  
  e957b674565c62cf0729ce6829c9f5d85f7e19fa889b3819f7ec375a402f95fba20004ee39c7cf7f2c52d695e079ad5fab850f85362c52e5a77649ab370d268b
- SSDEEP
  
  3072:pRmDce0sRYqkocK3leiOCv9CfXGtj/sePd4:pof0wXBcdCv9CfXGlEePm
Score

10^/10

asyncrat venom clients rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratvenom clientsrat

behavioral2

asyncratvenom clientsrat

© 2018-2024

Terms | Privacy