Overview

overview

10

Static

static

10

Client.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Client.exe

  • Size

    252KB

  • Sample

    240418-1dqpjsfd97

  • MD5

    83c9c1823d39ec069cea970e1f1ca1a0

  • SHA1

    bdcbdd6ea4a02e429c7c6a4e66627ef834729ef0

  • SHA256

    15333cd5e0e31fa55c8aec9c7c448c48448d62170860ff42528e6471c8c3aaec

  • SHA512

    4ec559688b9a619a9bc6b7da02bd94ebce670c018c5c5605d9ee493a4621fc3ec67ef20ce4a09dacf8e03c92fcf207c101b49d218e843d206d6dcf4a74f96695

  • SSDEEP

    3072:MUkcxjXZGPMVme9VdQsH1bfCzQEQCR7c2ytBcL5BdkwvTkmEdXYY:MCZGPMVmaesVbKcEnWwvqdI

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

mqdprsvdfq

Attributes
  • delay

    1

  • install

    true

  • install_file

    CABotstrapper.exe

  • install_folder

    %Temp%

  • pastebin_config

    https://pastebin.com/raw/LwwcrLg4

aes.plain

Targets

    • Target

      Client.exe

    • Size

      252KB

    • MD5

      83c9c1823d39ec069cea970e1f1ca1a0

    • SHA1

      bdcbdd6ea4a02e429c7c6a4e66627ef834729ef0

    • SHA256

      15333cd5e0e31fa55c8aec9c7c448c48448d62170860ff42528e6471c8c3aaec

    • SHA512

      4ec559688b9a619a9bc6b7da02bd94ebce670c018c5c5605d9ee493a4621fc3ec67ef20ce4a09dacf8e03c92fcf207c101b49d218e843d206d6dcf4a74f96695

    • SSDEEP

      3072:MUkcxjXZGPMVme9VdQsH1bfCzQEQCR7c2ytBcL5BdkwvTkmEdXYY:MCZGPMVmaesVbKcEnWwvqdI

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks