Overview

overview

10

Static

static

1

Client.bat

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Client.bat

  • Size

    285KB

  • Sample

    240529-sgxy2aag65

  • MD5

    11d0ec79c570680b49e51ec9615c9c0f

  • SHA1

    23cc16c0ac164a715ffd3f1a56a3356f49fa2d00

  • SHA256

    1edf4604b1042a2626abe47853ec278ac942fff37e730043af316103e4305f40

  • SHA512

    5db251f528abfd6296ee0d0b40d46223e4ef540e9bcda68c1f2975ba4f105a6b4cfec48eafffbf47376fbdfb22d138f97883d753a645cf9c7d34ade6e91d159d

  • SSDEEP

    6144:ZH/xsnUH5tGiqVF2D0zsBuxHXuiG5C4Mu0wyMutqB:1xttGVzbQB

Score
10/10
asyncratdefaultexecutionrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

147.185.221.19:38173

Mutex

uuhaiushdishajkdhwuasudh

Attributes
  • delay

    1

  • install

    true

  • install_file

    svhost.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Client.bat

    • Size

      285KB

    • MD5

      11d0ec79c570680b49e51ec9615c9c0f

    • SHA1

      23cc16c0ac164a715ffd3f1a56a3356f49fa2d00

    • SHA256

      1edf4604b1042a2626abe47853ec278ac942fff37e730043af316103e4305f40

    • SHA512

      5db251f528abfd6296ee0d0b40d46223e4ef540e9bcda68c1f2975ba4f105a6b4cfec48eafffbf47376fbdfb22d138f97883d753a645cf9c7d34ade6e91d159d

    • SSDEEP

      6144:ZH/xsnUH5tGiqVF2D0zsBuxHXuiG5C4Mu0wyMutqB:1xttGVzbQB

    Score
    10/10
    asyncratdefaultexecutionrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks