asyncrat | 84a6d93e448ba0deb6b78792cd98f1d978430693be39be1f7e74f82a67d90f60 | Triage

Sharing

General

Target

2444-200-0x0000000000BC0000-0x0000000000BD8000-memory.dmp
Size

96KB
Sample

240124-ah6cpaded5
MD5

e10d9ccba2137c46954bbc8dadd376b9
SHA1

f9f208d3fbd93f654883d3a70451a91a176b6914
SHA256

84a6d93e448ba0deb6b78792cd98f1d978430693be39be1f7e74f82a67d90f60
SHA512

6cd1509b65219ee1049ffcedbd85b1cc5a35b83ff5b4143e9f38ee4ef37c20dcf16b2a16b6264bd3e253b45e80ba66fe5c8a26cb9bcf08a3ae97b849631aa51e
SSDEEP

1536:KaUqAcxVMW7eTmJ9rxjJTkdK4WaxHdSzPMwy/eqmmRhdWVH1bfbCeZkwzUIbVclN:KaUTcxVMW7eiJ9rxjJTkdK4WaP0PMwh6

Score

10^/10

asyncrat exodus rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.2

Botnet

Exodus

C2

91.92.255.187:4449

Mutex

ypyertvpyqfr

Attributes

delay
1
install
true
install_file
chromeupdate.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2444-200-0x0000000000BC0000-0x0000000000BD8000-memory.dmp
- Size
  
  96KB
- MD5
  
  e10d9ccba2137c46954bbc8dadd376b9
- SHA1
  
  f9f208d3fbd93f654883d3a70451a91a176b6914
- SHA256
  
  84a6d93e448ba0deb6b78792cd98f1d978430693be39be1f7e74f82a67d90f60
- SHA512
  
  6cd1509b65219ee1049ffcedbd85b1cc5a35b83ff5b4143e9f38ee4ef37c20dcf16b2a16b6264bd3e253b45e80ba66fe5c8a26cb9bcf08a3ae97b849631aa51e
- SSDEEP
  
  1536:KaUqAcxVMW7eTmJ9rxjJTkdK4WaxHdSzPMwy/eqmmRhdWVH1bfbCeZkwzUIbVclN:KaUTcxVMW7eiJ9rxjJTkdK4WaP0PMwh6
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ratexodusasyncrat

behavioral1

behavioral2