asyncrat | 377266f1e3d18fd7b57a1073b2c94d506dbbaf7fcc5bd9fa89404b7806ffbc6b | Triage

Sharing

General

Target

1332-136-0x0000000000400000-0x0000000000418000-memory.dmp
Size

96KB
Sample

230227-wrlkjafa68
MD5

8af76491e6cbf9222980b44063fa0a01
SHA1

06218f8d7a01e4afa2e2e7b12482b9865e4d6214
SHA256

377266f1e3d18fd7b57a1073b2c94d506dbbaf7fcc5bd9fa89404b7806ffbc6b
SHA512

0ad05d04e953846ab6d38d44e0c389251e6fb2fd2c18febffbdb812bf01d4ff4662c6e461d6776606d014c2284d84b50fac51d7fbab718e106d2d92dc0561c6a
SSDEEP

1536:EUzkcx4VHsC0SPMV7e9VdQuDI6H1bf/j8anTQzc2LVclN:EUwcx4GfSPMV7e9VdQsH1bfoaTQPBY

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.1

Botnet

Default

C2

127.0.0.1:4449

91.134.187.20:4449

Mutex

mhtuxtjimxsu

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  1332-136-0x0000000000400000-0x0000000000418000-memory.dmp
- Size
  
  96KB
- MD5
  
  8af76491e6cbf9222980b44063fa0a01
- SHA1
  
  06218f8d7a01e4afa2e2e7b12482b9865e4d6214
- SHA256
  
  377266f1e3d18fd7b57a1073b2c94d506dbbaf7fcc5bd9fa89404b7806ffbc6b
- SHA512
  
  0ad05d04e953846ab6d38d44e0c389251e6fb2fd2c18febffbdb812bf01d4ff4662c6e461d6776606d014c2284d84b50fac51d7fbab718e106d2d92dc0561c6a
- SSDEEP
  
  1536:EUzkcx4VHsC0SPMV7e9VdQuDI6H1bf/j8anTQzc2LVclN:EUwcx4GfSPMV7e9VdQsH1bfoaTQPBY
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ratdefaultasyncrat

behavioral1

behavioral2