asyncrat | 8aa1a1ed5363325bcfc1be7b3edf4c30743655a93b96f267b79f6c5e219dbd80 | Triage

Submit
Reports

Overview

overview

Static

static

3

CryptoMiner.exe

windows11-21h2-x64

Sharing

General

Target

CryptoMiner (extract.me).zip
Size

10.1MB
Sample

240526-pdw1sabc7t
MD5

1e3613a980866b393e71847179df9e63
SHA1

5cba9ef42dae0d4562cae686aae04679d10d6a11
SHA256

8aa1a1ed5363325bcfc1be7b3edf4c30743655a93b96f267b79f6c5e219dbd80
SHA512

5029c27999403f86bec39d2b45c297ff48c5f3c4a730db5eed501330ff3da308b8ffa4473102a617a18a2435ab56a2e66571e56878d95b77a8883c177132355b
SSDEEP

196608:eNxAYQHajnM45ZnkufGpAYpp6WpFJr8HlEy/UQmmgxA46s+EexlFkNCbOib:0mHa4wFkqScWpPrfy/UCQvYEebVbZb

Score

10^/10

asyncrat default execution pyinstaller rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

CryptoMiner.exe

Resource

win11-20240426-en

asyncrat default execution pyinstaller rat

windows11-21h2-x64

15 signatures

1800 seconds

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

10.0.2.15:9090

10.0.2.15:52033

147.185.221.19:9090

147.185.221.19:52033

Mutex

yigdzohbebyxyvvzbc

Attributes

delay
1
install
true
install_file
Steam.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  CryptoMiner.exe
- Size
  
  10.2MB
- MD5
  
  9ba0409e811ef6d27c9a82333f694433
- SHA1
  
  04553002c4991a83569146e3f95dd3f67e227955
- SHA256
  
  c5c148ddedaed6dcb60b5b2c709baa89f28434e2122dad2806061380f97cbaf9
- SHA512
  
  f0ca59ecd99b50b40be7aad91b2fe4b4f35cecd3f037e2b57fe2e222347f57c9e57ecea2189f19eceb816f8c73ff8b6ffdf2484de3172200d844423bb8bf2564
- SSDEEP
  
  196608:gEZxSyoRSHxwS5V9Wu7WzSM9hAAHNXroVTEyxQIV+I78S6gSYeNlFU7aj2s:gE70RSa2HWUoCAHRrhyxQA7bMYe/bj7
Score

10^/10

asyncrat default execution pyinstaller rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultexecutionpyinstallerrat

© 2018-2024

Terms | Privacy