asyncrat | b94b7a454e4cdc481bdcfca49017d9e4b4780f955940db8d1c1fdf1f85f05a12 | Triage

Sharing

General

Target

Client.exe
Size

67KB
Sample

240708-lztwrswdkg
MD5

a48832c6a3dd1a02a24ddcac51e2db28
SHA1

7dcf3d1e61b80e4014b0cdaf2eafd494dec82504
SHA256

b94b7a454e4cdc481bdcfca49017d9e4b4780f955940db8d1c1fdf1f85f05a12
SHA512

48b3599ca31c652e014161b33b40c86533aff987439b48f3e115eb15a1fd1b12d180f06273d6d368aa18663d381c15a1647282f8eed24f9535e1a71054c9245f
SSDEEP

1536:NJInX1VosLNPMSfjNeeiIVrGbbXwvfGC1YGqcDpqKmY7:NJInX1VosLNPjjweXGbbXGcLcgz

Score

10^/10

asyncrat venom clients rat

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Venom Clients

C2

127.0.0.1:4449

127.0.0.1:80

192.168.100.36:4449

192.168.100.36:80

Mutex

hahahahahahaah

Attributes

delay
1
install
true
install_file
hi.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Client.exe
- Size
  
  67KB
- MD5
  
  a48832c6a3dd1a02a24ddcac51e2db28
- SHA1
  
  7dcf3d1e61b80e4014b0cdaf2eafd494dec82504
- SHA256
  
  b94b7a454e4cdc481bdcfca49017d9e4b4780f955940db8d1c1fdf1f85f05a12
- SHA512
  
  48b3599ca31c652e014161b33b40c86533aff987439b48f3e115eb15a1fd1b12d180f06273d6d368aa18663d381c15a1647282f8eed24f9535e1a71054c9245f
- SSDEEP
  
  1536:NJInX1VosLNPMSfjNeeiIVrGbbXwvfGC1YGqcDpqKmY7:NJInX1VosLNPjjweXGbbXGcLcgz
Score

10^/10

asyncrat venom clients rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratvenom clientsasyncrat

behavioral1

asyncratvenom clientsrat