asyncrat | cd45f75d587dc5aac121abb8bdd48247588ffa545a7ad6bc657f5f0ddf044105 | Triage

Submit
Reports

Overview

overview

Static

static

RVKAS04KJH...GY.exe

windows7-x64

RVKAS04KJH...GY.exe

windows10-1703-x64

Sharing

General

Target

RVKAS04KJHWDFV01HGY.exe
Size

300.0MB
Sample

220928-ze4gcshab6
MD5

8f229797d75d12c30042cf7ac4816d8e
SHA1

789a595bf5f56d93d232a2dfd01480a3447ea75c
SHA256

cd45f75d587dc5aac121abb8bdd48247588ffa545a7ad6bc657f5f0ddf044105
SHA512

0f650136a86e8fd1e9fa300446010bf61866b4c2f59d711f2cd3de4ce4f679719c0de4337c8107b650023e0f5094ffc7cf6f707915f6777682642b2940bf4a0c
SSDEEP

3072:PCz5n5VJ/ZfkTE6FBR0/JGJvnMwBbGe8IsPsBAAAAAAAAAAAAAAAAAASY:QnvL8TFFBtygbGe8XC

Score

10^/10

asyncrat venom clients rat

Static task

static1

Behavioral task

behavioral1

Sample

RVKAS04KJHWDFV01HGY.exe

Resource

win7-20220812-en

asyncrat venom clients rat

windows7-x64

8 signatures

1200 seconds

Behavioral task

behavioral2

Sample

RVKAS04KJHWDFV01HGY.exe

Resource

win10-20220812-en

asyncrat venom clients rat

windows10-1703-x64

8 signatures

1200 seconds

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT 5.0.5

Botnet

Venom Clients

C2

g896696.duckdns.org:7343

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  RVKAS04KJHWDFV01HGY.exe
- Size
  
  300.0MB
- MD5
  
  8f229797d75d12c30042cf7ac4816d8e
- SHA1
  
  789a595bf5f56d93d232a2dfd01480a3447ea75c
- SHA256
  
  cd45f75d587dc5aac121abb8bdd48247588ffa545a7ad6bc657f5f0ddf044105
- SHA512
  
  0f650136a86e8fd1e9fa300446010bf61866b4c2f59d711f2cd3de4ce4f679719c0de4337c8107b650023e0f5094ffc7cf6f707915f6777682642b2940bf4a0c
- SSDEEP
  
  3072:PCz5n5VJ/ZfkTE6FBR0/JGJvnMwBbGe8IsPsBAAAAAAAAAAAAAAAAAASY:QnvL8TFFBtygbGe8XC
Score

10^/10

asyncrat venom clients rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratvenom clientsrat

behavioral2

asyncratvenom clientsrat

© 2018-2024

Terms | Privacy