asyncrat

General

Target

63b0e303a05ad2eb2a93e2f9cd96e50361cf1e0d29f9cab8b0a98d1185347f8a.zip
Size

290KB
Sample

240728-bm4v4asfnf
MD5

8090d3ff2bf334b750478761c31bf25e
SHA1

ec048b210369dd140be8ed66d07ac4466ab5f7e4
SHA256

63b0e303a05ad2eb2a93e2f9cd96e50361cf1e0d29f9cab8b0a98d1185347f8a
SHA512

dfbbb3468c2012bdf920b8c09dfdb655f3e1369ea9465228e505f1d1de3aef9ec9757d7b501c4091c3ff7859f57d2ca646430b4e5cf0e5292ab602b0fb28f654
SSDEEP

6144:/3eshJ2mAOSiLZh4CPIKBZW7ZN7o8PDj6QN9Q1xipM8QHxwM4Dngzi:feshYbDi1OwDW9Ns8PDjxQ1x8MjR6Dnz

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.2

Botnet

Default

C2

94.156.79.190:4449

193.222.96.24:4449

Mutex

aqswvfsywrpgi

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  g2m.dll
- Size
  
  389KB
- MD5
  
  640c7c7efae54cc8db95b07151c1e70d
- SHA1
  
  f5b6b37f8940a558cd0c4a5bc5bd8a668a4e61aa
- SHA256
  
  e9f6dc3f1bd84642326784c7eb700125b548aa9522ad35eaf36903fbb1b5650e
- SHA512
  
  694273fec690b2751a36b964679d3df58a4a66689bb507db20a0beef743f983b36a46589d6642eef1e625478d523186d84436028e23c833a601908d9cade73a9
- SSDEEP
  
  6144:OXF8n/X2S6WUvk9pMT2/JBTe/h3/DdEG2nAOhn73i4:O6/76Tk3JBTmqAOk4
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  runvm.bat
- Size
  
  49B
- MD5
  
  1ab4dc21dcb24f5b7345ce5c0b794b82
- SHA1
  
  18f722ad31ee9d81181f8ca2cef60a70b03bb030
- SHA256
  
  ac2103023d146e62c3b708384ae0ed044d17258901272068ef93c15c9f5aa06e
- SHA512
  
  83f1d566b8f5b7875811762433cf7c2722225c789a3b917b2c4184a442d9d6af9c6fe703ce354d223824cfe8ed86e6e7780ec02008c093298fbcd3c08840dbdd
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
behavioral3 behavioral4
- Target
  
  vm.exe
- Size
  
  39KB
- MD5
  
  f1b14f71252de9ac763dbfbfbfc8c2dc
- SHA1
  
  dcc2dcb26c1649887f1d5ae557a000b5fe34bb98
- SHA256
  
  796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5
- SHA512
  
  636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0
- SSDEEP
  
  768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Async RAT payload

AsyncRat

Async RAT payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6