Overview

overview

10

Static

static

1

59c388b975...51.bat

windows7-x64

1

59c388b975...51.bat

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a65e873839228c5b453d6effa5d14d16.bin

  • Size

    126KB

  • Sample

    240418-b2ke1afe43

  • MD5

    2c0a265240f13a485ab8d8523526fdbc

  • SHA1

    884e2b93d51e6afdba8a5c1e3b00389f892d1247

  • SHA256

    9ab3f1afc5255582729325d13f790dd151b90ccd3f13170c4e0b0dd51dc40142

  • SHA512

    1f9a1c5de49ece94c5ec28473f83bc6818bdc17d163f6137ac45b1aae3a55abcce9eb188d29fe81417308bf34306aa5c95834b25f20046c693298e92f20f7437

  • SSDEEP

    3072:KO17CSGJmH2rInS2UNQax4tfnsWnoO1+DYS/MwzPSPymR1:N17csQE74WN5WYOpPaJ

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

194.48.251.169:4449

Mutex

wmdekgrrot

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      59c388b975d290fa525ffefe5aaecb011219ebd3121a7e79e913d980fb7af951.bat

    • Size

      6.9MB

    • MD5

      a65e873839228c5b453d6effa5d14d16

    • SHA1

      40be429e0e6b41061f3291d10e720eaebf32eda1

    • SHA256

      59c388b975d290fa525ffefe5aaecb011219ebd3121a7e79e913d980fb7af951

    • SHA512

      84ec1da7d5f5fe236c7fbe960b69d99ae0b6d3fe83844cd2bf3128508d39ad1de35f17dcb101e06fb25b155a806885bb5d6d095fbf3e0a3c729c678fa200f850

    • SSDEEP

      24576:ClNzlllllllllllllllllllllllllllllllllllllllllllllllllllllllllllg:/

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks