asyncrat

General

Target

8090d3ff2bf334b750478761c31bf25e.bin
Size

289KB
Sample

240729-dl8h1azfkn
MD5

1627fc1cf9bcf0ca69f990dc12b39ad4
SHA1

4325c9004b0d68b73cde4d12aea9e7e776366da2
SHA256

bc2b2ae78d661c4577be52e1cf5ebb423d2b67ca6869fbd44709db0afd5a4727
SHA512

3333c44eb15994836bd856e44b6c570f8ec39cad083e77ffc9cf50dad36c66fae51c2cd81c8611c762c805d6fdb1773b5dc9e2ab9a54f77219e19564c756ef14
SSDEEP

6144:4RegGVNO5vQMFS35/AYripvoMsxWQmXndnTPO3s0FoOtkIGaCETLpmW:4ROV1MUBApvPsxWQ+WLoOtkDFHW

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.2

Botnet

Default

C2

94.156.79.190:4449

193.222.96.24:4449

Mutex

aqswvfsywrpgi

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  g2m.dll
- Size
  
  389KB
- MD5
  
  640c7c7efae54cc8db95b07151c1e70d
- SHA1
  
  f5b6b37f8940a558cd0c4a5bc5bd8a668a4e61aa
- SHA256
  
  e9f6dc3f1bd84642326784c7eb700125b548aa9522ad35eaf36903fbb1b5650e
- SHA512
  
  694273fec690b2751a36b964679d3df58a4a66689bb507db20a0beef743f983b36a46589d6642eef1e625478d523186d84436028e23c833a601908d9cade73a9
- SSDEEP
  
  6144:OXF8n/X2S6WUvk9pMT2/JBTe/h3/DdEG2nAOhn73i4:O6/76Tk3JBTmqAOk4
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  runvm.bat
- Size
  
  49B
- MD5
  
  1ab4dc21dcb24f5b7345ce5c0b794b82
- SHA1
  
  18f722ad31ee9d81181f8ca2cef60a70b03bb030
- SHA256
  
  ac2103023d146e62c3b708384ae0ed044d17258901272068ef93c15c9f5aa06e
- SHA512
  
  83f1d566b8f5b7875811762433cf7c2722225c789a3b917b2c4184a442d9d6af9c6fe703ce354d223824cfe8ed86e6e7780ec02008c093298fbcd3c08840dbdd
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
behavioral3 behavioral4
- Target
  
  vm.exe
- Size
  
  39KB
- MD5
  
  f1b14f71252de9ac763dbfbfbfc8c2dc
- SHA1
  
  dcc2dcb26c1649887f1d5ae557a000b5fe34bb98
- SHA256
  
  796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5
- SHA512
  
  636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0
- SSDEEP
  
  768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Async RAT payload

AsyncRat

Async RAT payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6