asyncrat

General

Target

statement_report.vbs
Size

3KB
Sample

240111-cl9wdsceer
MD5

6b937b9cec12fb4c35f013f1616b2c5f
SHA1

7cf302f45f71fe51baf8037369b85f8b864475b6
SHA256

4ae4de137b7769456036f7007236717c9d1e9eb4e80863175ac7709e499141f8
SHA512

e9017e50f9a35227e2e77749460faf6391212f722d1f9311c43d137f21780dc3f8cbe67ce4d267d5f96b8b8e83647fc673b479eb10b0dffd001b66c6655a3cfb

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://wallpapercave.com/uwp/uwp4203994.png

exe.dropper

https://wallpapercave.com/uwp/uwp4203994.png

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Venom Clients

C2

moonvenom4449.duckdns.org:4449

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  statement_report.vbs
- Size
  
  3KB
- MD5
  
  6b937b9cec12fb4c35f013f1616b2c5f
- SHA1
  
  7cf302f45f71fe51baf8037369b85f8b864475b6
- SHA256
  
  4ae4de137b7769456036f7007236717c9d1e9eb4e80863175ac7709e499141f8
- SHA512
  
  e9017e50f9a35227e2e77749460faf6391212f722d1f9311c43d137f21780dc3f8cbe67ce4d267d5f96b8b8e83647fc673b479eb10b0dffd001b66c6655a3cfb
Score

10^/10

asyncrat venom clients rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Async RAT payload

Blocklisted process makes network request

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2