asyncrat | 28754382a728e0d2a417e436fdd07b3989cff1a8457be25b298d91937a99d797 | Triage

Submit
Reports

Overview

overview

Static

static

Cozios-Ima...er.exe

windows7-x64

Cozios-Ima...er.exe

windows10-2004-x64

Sharing

General

Target

Cozios-Imagelogger-main (1).zip
Size

44KB
Sample

240518-s9phcsbb38
MD5

e61527ec1745146d86d037c10ce01e14
SHA1

c4c05ba1ae00fa59b0a8209fccff87fa6e0b40cf
SHA256

28754382a728e0d2a417e436fdd07b3989cff1a8457be25b298d91937a99d797
SHA512

2ae962c00be4847f6d4b055babfc67f6cda9af6e38b001be2b6e915ad39d742a596f2484f2d21db88184b63994b463eca2705527872f91892bb6fd695c67aae4
SSDEEP

768:7ACGQ3eAUrGo+ANfh2tlElvMExnwpmoGJtVxz5BB2t5+ECTk95e:01fT6INfAtlEFMEImTnBB2thQ

Score

10^/10

asyncrat default rat

Static task

static1

rat default asyncrat

3 signatures

Behavioral task

behavioral1

Sample

Cozios-Imagelogger-main/cozios ImageLogger.exe

Resource

win7-20231129-en

asyncrat default rat

windows7-x64

7 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Cozios-Imagelogger-main/cozios ImageLogger.exe

Resource

win10v2004-20240426-en

asyncrat default rat

windows10-2004-x64

11 signatures

1800 seconds

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

idjtweoowocnoy

Attributes

delay
1
install
true
install_file
Cozios Imagelogger.exe
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/LwwcrLg4

aes.plain

Targets

- Target
  
  Cozios-Imagelogger-main/cozios ImageLogger.exe
- Size
  
  81KB
- MD5
  
  23f472ba6e59df467b80af92f43eaf22
- SHA1
  
  7dd4433d3f059ea4a13454991f841c756aba3e47
- SHA256
  
  498b02baa4dee1f19d4d06e45e5eda8bbf386fcce695f07846ac5374c654e406
- SHA512
  
  ecaa60619bc59a546a8100518d5866fc993ae2be340454e6b1ea6a9dc05efa33946198a0e798488659c99c959d937cc63e09ce746d254bcab8a12c233a088468
- SSDEEP
  
  1536:DUxwcx/BVuCkmPMVhAz0M4zyAkIQH1by/4XOp4QzcQ633I6VclN:DU+cx/Bw/mPMVhA1BH1byl4Ql633IIY
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat

© 2018-2024

Terms | Privacy