asyncrat

General

Target

QKWERBD01BSNAS_002_PDF.vbs
Size

442KB
Sample

221014-xxdmjsecbp
MD5

ef69b45b2a116ed60277d731e42c2f0e
SHA1

0f1b9734dd43a034c56360e603659568ab65f91d
SHA256

ace37f42d21bf2768add3a41954c1b5d41f85966af20de4483498c14ac4d8a7b
SHA512

c2d037d408ed9a199a15ae960b53c112e2887571e87325794cf49a6f8c15af18bba380544b565d7e0f96dd68c9cda8fc416c50d595640086c1e8f31c62ac7e10
SSDEEP

768:De0E0B0S0Y0V0w0B0V0/i0j0+050kfF0NF0B0Z/0pP40E0X070M0Ao0I0gAOAqAn:7aW1AP4lgK

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://20.7.14.99/dll/dll_ink.pdf

Extracted

Family

asyncrat

Version

Venom RAT 5.0.5

Botnet

Venom Clients

C2

hugh69021.duckdns.org:7555

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  QKWERBD01BSNAS_002_PDF.vbs
- Size
  
  442KB
- MD5
  
  ef69b45b2a116ed60277d731e42c2f0e
- SHA1
  
  0f1b9734dd43a034c56360e603659568ab65f91d
- SHA256
  
  ace37f42d21bf2768add3a41954c1b5d41f85966af20de4483498c14ac4d8a7b
- SHA512
  
  c2d037d408ed9a199a15ae960b53c112e2887571e87325794cf49a6f8c15af18bba380544b565d7e0f96dd68c9cda8fc416c50d595640086c1e8f31c62ac7e10
- SSDEEP
  
  768:De0E0B0S0Y0V0w0B0V0/i0j0+050kfF0NF0B0Z/0pP40E0X070M0Ao0I0gAOAqAn:7aW1AP4lgK
Score

10^/10

asyncrat venom clients rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Async RAT payload

Blocklisted process makes network request

Drops startup file

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2