arrowrat | e2ed986394cf247495d37901772aad9f4f87bc2f03f65e0ead9706b9e51b66fa

Sharing

Copy URL

Twitter E-mail

General

Target

New folder.zip
Size

16.3MB
Sample

230405-r7nydafd44
MD5

145aebc64c4fcd7c8937efd5b1d7a187
SHA1

b3b94d0bbdfa5487564b6700423b033a8abda318
SHA256

e2ed986394cf247495d37901772aad9f4f87bc2f03f65e0ead9706b9e51b66fa
SHA512

546934eb868368c42613849d49ef98e21bc2b38131b0fa47bc56a8e73051564ae32146baf89065b5dc1d5b3d32c5b3fb969171acc87efa20ce630eab4ae00e0c
SSDEEP

393216:pCe7+Z/CbK/P8uFT5lYUwDf8FVg5DeiV+5tXXw2gGy+SXx4rWk+Fk2FQV29ItSH6:U/Zc6dFTjQf6yMistnWmSXyyXhFQ8qSa

Score

10^/10

arrowrat asyncrat %group%agilenet rat

Malware Config

Extracted

Family

arrowrat

Botnet

%Group%

%Hosts%:%Ports%

Mutex

%MTX%

Targets

- Target
  
  New folder/7z.exe
- Size
  
  436KB
- MD5
  
  3e797119e0fd64297cb82794b8d68edd
- SHA1
  
  a67d3b35743f6ca383673a3848b8c97ec164cc0d
- SHA256
  
  c7245e21a7553d9e52d434002a401c77a7ca7d0f245f2311b0ddf16f8f946c6f
- SHA512
  
  1378c54a3a1c5bd73c04e787d218f245024625003d689379013f1343c7f9e6282d670c3d68edce6006629ca90cddd27ac3f53f640f96c4936bbff319658caef8
- SSDEEP
  
  12288:4DRHJamC1E+3ZZ4jjEKDywIYCsdtpu7Cdw:ghF+3ZZ4lRk7h
Score

1^/10
behavioral1
- Target
  
  New folder/BouncyCastle.Crypto.dll
- Size
  
  2.5MB
- MD5
  
  3551343fab213740bbb022e3a6dcf27b
- SHA1
  
  de67fb4f9d58db4a860a703c8d1f54ff00ff9b1f
- SHA256
  
  5530dff976bc0c889076b97ca695bdb97ef07f63449d32f893ed32398ed8bfe6
- SHA512
  
  e90f51053e1d4b0ea1f7458229de92174abf0781c766290da4de5cc8dfcfb730998252bf28b36ca5070978fdcea8b97f0aea6a47b875dd34173643ac0cb46c42
- SSDEEP
  
  49152:3CTzhVM0AU5d3UOhq8hmReOUJfd5T3D+VTQlgQeCKbu9kQLO0:GwU5d3vhzhmoOmfd5rqX0
Score

1^/10
behavioral2
- Target
  
  New folder/Guna.UI2.dll
- Size
  
  2.0MB
- MD5
  
  0188fce753516183a41c4d146e337778
- SHA1
  
  eb0f5324e8dd08a181d4bdfc1d90543077b2ee67
- SHA256
  
  ee4449bccf826cbc56c13087d54a1a69fd42464d437ce8f355ac6afb61df6829
- SHA512
  
  b3aafc9a80eec37556f4e60ab23579dd7d42c060b3ca2064d6d0c16901b54500503750868bef651a01401551551e372ac9fd459029c5d0efdd2aa385384916fc
- SSDEEP
  
  24576:SANEfBpDsH/bTIRPZyiXeq+Tc7XRbF+TSgkrwf9Pa3oZm8jqG4LEx1npSBeX673f:Sz9+OgRpUwXpUeXQq5dn
Score

1^/10
behavioral3
- Target
  
  New folder/Microsoft.Win32.Primitives.dll
- Size
  
  20KB
- MD5
  
  76b8d417c2f6416fa81eacc45977cea2
- SHA1
  
  7b249c6390dfc90ef33f9a697174e363080091ef
- SHA256
  
  5eaa2e82a26b0b302280d08f54dc9da25165dd0e286be52440a271285d63f695
- SHA512
  
  3b510cdc45c94be383c91687c2cb01a501ba34e3fbb66346214fc576d6f0e63c77d1d09c6419fc907f5b083387a7046c0670377ad2e00c3ec2e731275739f9c7
- SSDEEP
  
  384:/N9VWhX3WsQBm0GftpBjvmaQHRN7YlgaGn7rJd0:1GmViYL0Gff0
Score

1^/10
behavioral4
- Target
  
  New folder/Plugins/Discord.dll
- Size
  
  27KB
- MD5
  
  b591cff18fd7344243cf8a4eca624a65
- SHA1
  
  29f9134bb33d429d27b87e6f2112b6753e1dcae4
- SHA256
  
  6a43095314d5e32db307eef638d2f5afea7dd40ff6acda24fc28ce0c1632cb6a
- SHA512
  
  ae1aa8db37182a4b8ee06249da6304c1c105adf06b2091cf24b3e79ad1d6d1a6eaab12bf059cd86deb04b7084d563a25d5bbef6ddf7857c1a34fc0e0032664fc
- SSDEEP
  
  384:HfzPwa/ppmIwuCfMeSmfbQFFVBdseXG3cGh+JaL6lkSggL5XxXIUdwmuJpSVmlY2:HhGIwhPgh0Jd+5XxjwmuJpSV/I7
Score

1^/10
behavioral5
- Target
  
  New folder/Plugins/Extra.dll
- Size
  
  34KB
- MD5
  
  17db58471bf45715ba46b5af7920d676
- SHA1
  
  0ab236a6d554597dac8fc40fc3e1a29f905c0275
- SHA256
  
  dae673b838de497c1aa8a558d4dd5963d90e8b21538cb0d9adce585ef6fbc915
- SHA512
  
  29432c0d19be6ae8c8ab68ab1a7c4007d502222b329f9a0bfb994427f182028aeeacc199dd27334cdc0adabbdee7a07a3d24826ed67b05711c2370a4b7395265
- SSDEEP
  
  384:0hfLE8JhqmxGhnGOheE6qCtdKudseXG5JN2ahDkz7R3bu6jUwv5YacMvvp8D5K8:wQ8hxGWCkQuMPkv5YdAva9IKqbnMK
Score

1^/10
behavioral6
- Target
  
  New folder/Plugins/Fun.dll
- Size
  
  36KB
- MD5
  
  e07004ec43ed994b9a11999145f5a43a
- SHA1
  
  00cba09ae5a38dcfdbac1a8cff9cd1fff2c0b3e7
- SHA256
  
  2b25c33a033bdc85ea4db8c3ea89bbfc7d1a1dd80d21a1835bba5672759efdd9
- SHA512
  
  39948577cf0185ffbda3c2757c7fa746e41a169ca7fa0a3718cc564fbbec439b047bc540fbd5ac59908965424ef11f6564d9795b101bfc58656247e76b0c88f5
- SSDEEP
  
  384:T7fLviWK1Xr4GtVmEc6BktslnlrqKQdseXGtrR52bhimwy0Xprnhc4r/f7rpVqKX:fGXFEGtMqS2lnhQk95Z3nhXrLDUCE+
Score

1^/10
behavioral7
- Target
  
  New folder/Plugins/Keylogger.exe
- Size
  
  10KB
- MD5
  
  4f846f2117c4eab285289b0090521b1e
- SHA1
  
  e25287c39bad32159417c5f0bf798625b6beff45
- SHA256
  
  a17a5bf35d8b784c3111632ba7e0c30a2c1a9c2c95b549235affc16d6d055477
- SHA512
  
  fd946b5f7c3c7d32f226897283de7ba3b4a4ecc2919c363877f1258cd24ed1a52bce53af2fe4ef34c4ac30d00fc456fd4e1593b79c37f7c22211f2c4f6092e5e
- SSDEEP
  
  192:irtmcuq65SoDxi4maEYbRzmEsLkjgv5JHT1eJYHcwY7fazB+LEi:irtlF60GE9rUhVsLF5p1rYydmE
Score

1^/10
behavioral8
- Target
  
  New folder/Plugins/Options.dll
- Size
  
  377KB
- MD5
  
  0fd19be97a94b00e440d14b06449cf92
- SHA1
  
  c0ce1911fe5ddd5d9b9446b16df6c51a555e5415
- SHA256
  
  0460389a3845a271ba5d65b30b66c57458f2373d75aad94e92416d772d06df5d
- SHA512
  
  1049d90236b43a617ee3ede56ed175a39d1bf090ad1469f9edf71d91fdd7267b1aacdd3303a1ead11785aed2bc31dbb9fb1b2f15461cc793c7ab7c8b8f31e9f5
- SSDEEP
  
  6144:50ZHTjm66pzzevOqsdHUIByYF3ykIGL/ec:50x6Jy2TB7UkIS/
Score

1^/10
behavioral9
- Target
  
  New folder/Stub/Client.exe
- Size
  
  63KB
- MD5
  
  6158c0682f86511060619bba0fe864be
- SHA1
  
  63a1738c87ba9449b1d572ee470da2b242742643
- SHA256
  
  5bf4fc2c4d3115229d60511cad1af48019a4c291ad6144e73393e88e319f80a5
- SHA512
  
  baef40b589d8717f419185ad0885173f790394827d72d78520890ae737c7ee1cebe3af062340847cfe705c223669562e7116f48ab11d59654653a0b269026bd1
- SSDEEP
  
  1536:8WP+BbY58krxvI0TTCNsOoIK7q6LgRAIM8pqKmY7:8WP+BbY5xrxvI0Z7P8R8Xz
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
behavioral10
- Target
  
  New folder/System.Console.dll
- Size
  
  20KB
- MD5
  
  ea9376c17ee0148f0503028ad4501a92
- SHA1
  
  9d5686cbf45e90df5e11d87e7b90173a1a64b1a0
- SHA256
  
  b537313413f80105f143cc144feeae2ac93f44747727de309a71d57d2650034a
- SHA512
  
  18d1bb2d5c469644078d75766dbf04addf7d0c543f7ed15ff522ceeaef960900dd8ec68172f5d684b76b0aa6946bb38d641f021ec04c70ad66a6062c10412e0a
- SSDEEP
  
  384:iRbzriaXT+WlEWLC7Bm0GftpBjXUNZiTaQHRN7hldBoQAYv8:A7icYVisiTLToJYU
Score

1^/10
behavioral11
- Target
  
  New folder/System.Diagnostics.FileVersionInfo.dll
- Size
  
  20KB
- MD5
  
  0d9a641105098d642567b22101a4de0b
- SHA1
  
  12419c25d1c2eb706a4e4e649ee353ceda7446a9
- SHA256
  
  7c25a74772e135257235640a0264ddc05235e14f3627896cfe735e9955155f83
- SHA512
  
  fd4560cdf01de237ddf797a33c5dbc220d3fcae07ede17d43c39f5562e36e03646676a87e20699d7603fca6d84f66c8756eb863dd4727b7e1a499619bb88dde1
- SSDEEP
  
  384:m6oWJjWlC7Bm0GftpBjJeiaQHRN7t2H9lO62gHcXq:m6vpVi+iLtecg8a
Score

1^/10
behavioral12
- Target
  
  New folder/System.Diagnostics.Process.dll
- Size
  
  21KB
- MD5
  
  d86b0aca05321569d9383dc7c4e9e934
- SHA1
  
  2ef7d0a222c3a3e564b3c72d5b71a5be40a7adea
- SHA256
  
  28b165cddb82a2507114394ae398995ef8a50c549214f8678aa66054f6927754
- SHA512
  
  5959e1129c983825233a07869dd1b2b1db32830d2b5f6b7f8d869c39a76a241f88f76d37341fdfbf56f000fc6acba19aeb36a7efb94721494b41b65bf4978651
- SSDEEP
  
  384:Gqk53/hW3fZ+zWQC7Bm0GftpBj6dlwaQHRN7q5blgaGn7i:Gqk53MpViywLGbGu
Score

1^/10
behavioral13
- Target
  
  New folder/System.Diagnostics.Tools.dll
- Size
  
  20KB
- MD5
  
  27c7d752c11c3f43f28eb31968e73e2b
- SHA1
  
  51e466218025126c5e524afd2086f4ab0bf3660a
- SHA256
  
  260c6250ef9b57dca99b4cecc533f9a34857b5a32b5351202f776163841200aa
- SHA512
  
  393d1747911a7f91f4c4f4f363a3782f24e00431478088da454823a223a4e75e51d9b010fc5d9746e2bf0185be90071b6cb70c777337d718b39151eef6b486aa
- SSDEEP
  
  384:UUAlcWHaWlvT1Dm0GftpBjXGIRaQHRN7/lBLY6fIi:29N1DVihGIRL/Yni
Score

1^/10
behavioral14
- Target
  
  New folder/System.Drawing.Primitives.dll
- Size
  
  20KB
- MD5
  
  29b0a1554e54611ebba7911049f26fd3
- SHA1
  
  d707745e72d2f39374f2d28af52aaab7888b93ab
- SHA256
  
  2805a18724a24034ad6acb315dac516e479cecc5f3753204052657e560932d5d
- SHA512
  
  17558306a611bfac6982d5650335b05ea407191290b653c028896142ebee2abceb22f7d71926fbbcc3fab8227c61a5fda0e770abfca021ac7f891c9c7ee42e81
- SSDEEP
  
  384:R28YFlXulWY/W1+109m0GftpBjIaQHRN7T/8ldBoQAYBS:R0qMViaLTwoJYBS
Score

1^/10
behavioral15
- Target
  
  New folder/System.Dynamic.Runtime.dll
- Size
  
  21KB
- MD5
  
  c5cadb1409f25b6a1c7a6dd4c2df236b
- SHA1
  
  a994c87352486d433a06943c01329dd721ab343f
- SHA256
  
  f600acc811720183c639cebe5618baf9c8135b85b9cbdc0758bc9b2dcc6dd7a9
- SHA512
  
  6bd6e482533b9ff8fff8823f84cde7191a0fd5575f76891a95e99cd1f5c1122ef92b436745ec9583089445fd5eac795181759080b1d83ccfa1eed31d9cce3af0
- SSDEEP
  
  384:puMLcdQ5MW9MWf+109m0GftpBjMR5aQHRN7Ljl78oSwDnuB3:AOcSpxVi2Lhawi
Score

1^/10
behavioral16
- Target
  
  New folder/System.Globalization.Calendars.dll
- Size
  
  21KB
- MD5
  
  ac2f4b435ddf0600d7a866f42f3b40d9
- SHA1
  
  0564ff7f7e6084bd6d02d8e6a4127d1c878b3fa6
- SHA256
  
  b56ffb65b842daae13f3020b0b04646db92f89801d2a2f89087d145a996d43f7
- SHA512
  
  dc3e9c3b4d732801dcf43cfd6cdd2672f01e03cb99d804a3f4803fddb9ca9817bcfd2f96fd94b7b33db0994f5478ce200c048db5dbb78d3b24e950262ebf4d28
- SSDEEP
  
  384:3Z7RqXWDRqlRqj0RqFWX5Twm0GftpBjGRqazmHaQHRN76RqIil3uVogC:J9qKqjqjuq0wViGqRLoqItV7C
Score

1^/10
behavioral17
- Target
  
  New folder/System.Globalization.Extensions.dll
- Size
  
  25KB
- MD5
  
  c7c93de0627833900b8379fd181b7351
- SHA1
  
  2cb98f9622f57a0a9e037a378519aa6a271302f6
- SHA256
  
  c7e91bd148ed22ee1ff8ebd3e58b199a30af90aa37499bcf8da34409672f2ed9
- SHA512
  
  1067bacc4495eacbc27937b54780b97da62fed1af66158e2fa492fc82b068d49bb49bc20c3c82c22d8edd300bd7b097e14aa1e317f1789744e188bca15d22b4d
- SSDEEP
  
  384:MNBMbljRC+lgfS1RPWYR1Rw0R9WYRPWYRDRj0R9WQDzDm0GftpBjeXRsTUbaQHR/:MvMhF2SzNzwu/Nlju/ViCLLsBy
Score

1^/10
behavioral18
- Target
  
  New folder/System.Globalization.dll
- Size
  
  20KB
- MD5
  
  ae023bb0beee5189a07c7fd4e0cf3fca
- SHA1
  
  846711d4161a3950facdef97037898a71f4efda1
- SHA256
  
  56bd0c02c734abf4d7fd1ef2e8b6a9e4bf5e4bab4e606cd1023d63b02852fa61
- SHA512
  
  62305027ae8bb5b830630fe54f2cf9e607f9b97ffe28912c2cb15d429252668f17eaf2d7ceecf5601c889d5ea52e0b9100f115173bb11b5d6208171792833c85
- SSDEEP
  
  384:gZ4RLWdRfRJ0RZWw+109m0GftpBjPWR+HaQHRN71RNl78oSwDnud:gZK0pJujViFc6LzrawS
Score

1^/10
behavioral19
- Target
  
  New folder/System.IO.Compression.ZipFile.dll
- Size
  
  20KB
- MD5
  
  bb1a520f25bb93ace4dd0a060fba677d
- SHA1
  
  92bf07ccf32eb9fdf06f446a256e0271c4028bf0
- SHA256
  
  7720ee13405ea8a3c204703a181e67dc6d66835e9df263c09d04d8b48b41eb26
- SHA512
  
  9288148ec879ebeafd53c225854ee3bd3768ba5c7b829d6af1251d20ac301fc27a04bebb603fe2cde6949bc5968fde717e8b747337c1ad872450d26f7c36f515
- SSDEEP
  
  384:OYWsmWs+109m0GftpBjncaQHRN7QlgaGn7G7:O28ViGLMGG
Score

1^/10
behavioral20
- Target
  
  New folder/System.IO.Compression.dll
- Size
  
  79KB
- MD5
  
  b74495ce791ceb565e17ac6ef7417b7e
- SHA1
  
  b928b52db71d3818472088079260e406dc64d79f
- SHA256
  
  9d6216631d192a881c170fba413599f6c79442fa1e933c2000530444d207522d
- SHA512
  
  74b36eb7ec8674a7630d1e7cec364a5add65d0bb14e0bdfae05eb4d206a6f79f1c0e6b92bffc073cc4f4535427731de2fedaddb729327f66d2c085dac66ccf8e
- SSDEEP
  
  1536:NU4ExvNo9jTqlh+e3D/asRCeg5MQk7dmNoOaO3EBoim:a/FLHPz/I8BhmNoOaO3Emim
Score

1^/10
behavioral21
- Target
  
  New folder/System.IO.FileSystem.DriveInfo.dll
- Size
  
  20KB
- MD5
  
  2fcb2158fc41d97e2bb71953664b99b9
- SHA1
  
  16eb49afca84c9e6160b4e5b36f1ec5c98470c86
- SHA256
  
  984575c44cab17d46587af6cc8c22c409b79bec280fd771e6af93a0a0c20e5b0
- SHA512
  
  1527a426f8ec9931573468929966e102012b630ec4aa370c196b2b87472bcee696b00355adaeb39b4151b986470f7dada415e3f930d9678b68d3c531c8ac9b52
- SSDEEP
  
  384:uKcuz1W1cWW+109m0GftpBjFGAaQHRN7PlBLY6fJ:6u8AVi5LvYc
Score

1^/10
behavioral22
- Target
  
  New folder/System.IO.FileSystem.Primitives.dll
- Size
  
  20KB
- MD5
  
  51b07204081bde29a1f84a3b48554186
- SHA1
  
  fca2f72c039937357099ca6e167330e540f8335d
- SHA256
  
  5c84dd40d67c0e59906511d2b09da8e28c454b5979eb5fde74213f9d4bdbc564
- SHA512
  
  099ec1b84fcf6bf07142ad8cd34307c80f19a64c754ade505ab55707075a764fbe7bfa4ce2fbaeaa09b3e61ebdb6e3d116608df0cf77bc076c7b3119db37a324
- SSDEEP
  
  384:W+SWikWL+109m0GftpBjqaQHRN7Dh6l3uVogJ:W+e1ViILDHV7J
Score

1^/10
behavioral23
- Target
  
  New folder/System.IO.FileSystem.Watcher.dll
- Size
  
  20KB
- MD5
  
  3772a3a7e55178ec90ecb607aba28511
- SHA1
  
  68c240d1a43de1678ef13107b9300c544e9d5e4e
- SHA256
  
  c9e2562f1a1b86acdb6957cf916aced9c4f8b71ebb16dfa0050252146205ad37
- SHA512
  
  245f12b4926114ebdb39a54628a1df2501c4a27abd531172cc63bc96298ee0f4be5658ae95fe730c063eadfb1b664c7d201c69c2246cfba23ed5a4fe7ef3d14e
- SSDEEP
  
  384:fAWzgWw+109m0GftpBjeQKaQHRN7Z0lO62gHcXC:ftCVisdLzg8S
Score

1^/10
behavioral24
- Target
  
  New folder/System.IO.FileSystem.dll
- Size
  
  20KB
- MD5
  
  bfceb4faca75681137455cd70f8038b6
- SHA1
  
  bfa0e27be1d56ba48918a9b7ca7090af7779a10e
- SHA256
  
  9a4595dbb128e2d8f373b3ac45478e7131f4d181b50ec821ec8cb88bd46bd5b8
- SHA512
  
  58d7e8d6fa237a6eac018c0a88d6bf76ad9ee49b6a6790b64e68c33ebf80afcb4223881aac6821132b877e7d848bc917eb9490590cdb297f362c9b43143d6713
- SSDEEP
  
  384:9BLRWbYW+f+109m0GftpBjPIuaQHRN7RlgaGn7c:9B20zViFIuLxGQ
Score

1^/10
behavioral25
- Target
  
  New folder/System.IO.IsolatedStorage.dll
- Size
  
  20KB
- MD5
  
  ab8d293bcd7a13e83565b4afa8438988
- SHA1
  
  48f227c62b2001c441bcbc5b570911f096ddf421
- SHA256
  
  0e80a2e256d16e487bc847d1857ed7cd088f176254ba2a385d675338b836b0fc
- SHA512
  
  443dd75234c043de736423466c1fc2ff2bd9b6b9fe753521c3c225de99f5a7d3828a470cf8ea54678a86681949e5dcd1de1eab35bf0f348f758fa099a9092f54
- SSDEEP
  
  384:2HW4/WJvT1Dm0GftpBjE3aQHRN76RlTZVkuu:2ry1DViu3L6HZVC
Score

1^/10
behavioral26
- Target
  
  New folder/System.IO.MemoryMappedFiles.dll
- Size
  
  20KB
- MD5
  
  34e21101faf71a27c6819cc051debc9d
- SHA1
  
  d9df77b4993418337894ff04c6b813224b9f8543
- SHA256
  
  81b6527ac2d18782ac24ae463c11dd1d70ab1bc89f626b7347a592229b371a1d
- SHA512
  
  aa339f2489ca9bc9ef7f6121c9586dbd8f5ad2ca5a160a3bcac74b908570ec2fc0bc24e0ec33ae9de9d6a6c3557ec2816fe8e89ffca93e310503f6f83a691f6d
- SSDEEP
  
  384:Gvk7hWmCWXC7Bm0GftpBjyuGaaQHRN70EflO62gHcXm:Gs7/+Vi1GaLIg82
Score

1^/10
behavioral27
- Target
  
  New folder/System.IO.Pipes.dll
- Size
  
  20KB
- MD5
  
  58a2e5ac0510b9223236b9317c505b58
- SHA1
  
  a00954217ca326c54a863d451820263a6d7ee1af
- SHA256
  
  80a229b2917fc3a5d941ff9745a6be0065028afdf9509300410d2721c71f1198
- SHA512
  
  18736ecfe0ef0c477bf64f89ca97af4578defc996f0a5bad33d7a29af6e09745e4b10d6d543243b9664e40169ee550c996e783c5ffbb0fc767da7ffc63e13fb6
- SSDEEP
  
  384:3GMWCUWm+109m0GftpBjG6VVaQHRN7Utl3uVog4a:33cVi0OVLUOV73
Score

1^/10
behavioral28
- Target
  
  New folder/System.IO.UnmanagedMemoryStream.dll
- Size
  
  20KB
- MD5
  
  d74405753f829e75e89bba5ebc296112
- SHA1
  
  474944856db781a34796bfcce18ecd4580275ad1
- SHA256
  
  86f1f12e47f260985b08bb966598123578eb5e48bef9bb086f04e16e9d53bb32
- SHA512
  
  cdc5d49fcf0249c539e45c9917c152f130c8fee975d97c2f62526f474cb779b2bf273195f4aa7a64f76dd2496528c0d021b56e60aae2635606f9f55092cb47f4
- SSDEEP
  
  384:sBhwI7WSQWfTwm0GftpBjGaQHRN7SRalgaGn7x:sDwIBxwVi0L3Gd
Score

1^/10
behavioral29
- Target
  
  New folder/System.IO.dll
- Size
  
  20KB
- MD5
  
  809fdbd7422a3e02c89244dc530a3367
- SHA1
  
  a6999c04b243b034f8ee7ad0d79f3ce24df9a9d0
- SHA256
  
  c191a43029edd4eb8eee003356f1fe79aa45071c25433a7a3589590e9089eed9
- SHA512
  
  5232b7ef2b60a99be2b027112078a7debf58bfa4308f4ae53dd9a96fa7bccbb0927beb7148e7a3944173f7820f9f519767539d1fdfef848b6f1d6668be11fc15
- SSDEEP
  
  384:iyvPRW4lWkTwm0GftpBj8w0aQHRN7y3lBLY6f4:H39VwViGw0L0Yh
Score

1^/10
behavioral30
- Target
  
  New folder/System.Linq.Expressions.dll
- Size
  
  21KB
- MD5
  
  3b49bf361f3116de28176b40845bc199
- SHA1
  
  5627e53d15e56868dc9082edcae5a653b96b9af1
- SHA256
  
  bf97f67165231c2a42b95f11d80337b082e2b2be54351da44c8a10c06194b369
- SHA512
  
  0fe87438acd6c14401523987be617a83ddfd2b42938fc52e0da5f941f7dc70686cc6436edd41c4998fd56d5f52d64acfab5010b96b1e80c084c4ab9f546202a8
- SSDEEP
  
  384:j6RW6eW++109m0GftpBjeLUaQHRN7es2lGinGEx:j67aVi8ULzSN
Score

1^/10
behavioral31
- Target
  
  New folder/VenomRAT_HVNC.exe
- Size
  
  16.6MB
- MD5
  
  5384c0396589430eeb3d1a2e05703e9a
- SHA1
  
  20da44da7639bbef2f6b5bfc21df7474cd1109af
- SHA256
  
  b4250aff983f1f588593baed1adb4797e6c1ab6225595ebd013b50348a57a459
- SHA512
  
  9bf613ee62b0e56af500dd88f572b2221ad6df63b0b4c0dcb0ef763efcebeac633a95f10dfce90f6cff038df2810681dd55dcdd272eb9f907c670cc2e4f7363a
- SSDEEP
  
  393216:Al9Yl7Elel7ElAlQleTl/l/l/l/l/lzlml/lqlZlHl/l/l/l/l/l/lIlAl+lUl2L:6TXT
Score

10^/10

asyncrat agilenet rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

AsyncRat

Async RAT payload

AsyncRat

Async RAT payload

Loads dropped DLL

Obfuscated with Agile.Net obfuscator

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32