asyncrat | b97e887c34e4c51185710f3e495bb479a3a5376b0fa5c8a3828ecc12ff4bcab9 | Triage

Sharing

General

Target

b97e887c34e4c51185710f3e495bb479a3a5376b0fa5c8a3828ecc12ff4bcab9
Size

1.5MB
Sample

231207-s4qs8sch94
MD5

9ad26bb1c0b4b036924ca19466970f68
SHA1

b6079c55e40206fbc4d1ead67d36ba7d8b850eca
SHA256

b97e887c34e4c51185710f3e495bb479a3a5376b0fa5c8a3828ecc12ff4bcab9
SHA512

33f71941d5c0e9c6598468d8f1837ecc3f4d204d936d23469ddf178de9c147b06f3bed2c616e1a156192c397f499c3c01406846a993a81f50dd4328efe7f1a4d
SSDEEP

49152:LfwEitJhjw4g6Rcdz8brR4WdzbcLav8TWwzzeWof94TV/F8RvF9:8EiJjRg6Rcdz8brRxd0LavKLof98V/FO

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

113.207.105.195:15806

Mutex

hanpmclowlyazr

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  b97e887c34e4c51185710f3e495bb479a3a5376b0fa5c8a3828ecc12ff4bcab9
- Size
  
  1.5MB
- MD5
  
  9ad26bb1c0b4b036924ca19466970f68
- SHA1
  
  b6079c55e40206fbc4d1ead67d36ba7d8b850eca
- SHA256
  
  b97e887c34e4c51185710f3e495bb479a3a5376b0fa5c8a3828ecc12ff4bcab9
- SHA512
  
  33f71941d5c0e9c6598468d8f1837ecc3f4d204d936d23469ddf178de9c147b06f3bed2c616e1a156192c397f499c3c01406846a993a81f50dd4328efe7f1a4d
- SSDEEP
  
  49152:LfwEitJhjw4g6Rcdz8brR4WdzbcLav8TWwzzeWof94TV/F8RvF9:8EiJjRg6Rcdz8brRxd0LavKLof98V/FO
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2