asyncrat | a906b97520b2cea778426a1e634890e9142930f2dd47ccf8fe3781a15050adc1 | Triage

Sharing

General

Target

a906b97520b2cea778426a1e634890e9142930f2dd47ccf8fe3781a15050adc1
Size

7.7MB
Sample

240729-mf433atckr
MD5

02a576c11678bb469de93edf81dfdda3
SHA1

dae0bffab8bb5d17803262275b7803557d756e03
SHA256

a906b97520b2cea778426a1e634890e9142930f2dd47ccf8fe3781a15050adc1
SHA512

4b5e6698e52f66cb32ed7c8a3765a9594cb2ab42a52bee5f525a1d23903846bbea49fae57b5ab64f97a6f4f393857319eab0905be463543eef30193cb6ed8431
SSDEEP

24576:EJ2pbDE+yLMitYU03YDNrb+wLmS4rDILywPnt79Re50X5rqlI:+sDRxit70IDNr/4HILywPt7i

Score

10^/10

asyncrat default execution rat upx

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.2

Botnet

Default

C2

41.216.183.111:4449

Mutex

kcnzlaqzjkle

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  a906b97520b2cea778426a1e634890e9142930f2dd47ccf8fe3781a15050adc1
- Size
  
  7.7MB
- MD5
  
  02a576c11678bb469de93edf81dfdda3
- SHA1
  
  dae0bffab8bb5d17803262275b7803557d756e03
- SHA256
  
  a906b97520b2cea778426a1e634890e9142930f2dd47ccf8fe3781a15050adc1
- SHA512
  
  4b5e6698e52f66cb32ed7c8a3765a9594cb2ab42a52bee5f525a1d23903846bbea49fae57b5ab64f97a6f4f393857319eab0905be463543eef30193cb6ed8431
- SSDEEP
  
  24576:EJ2pbDE+yLMitYU03YDNrb+wLmS4rDILywPnt79Re50X5rqlI:+sDRxit70IDNr/4HILywPt7i
Score

10^/10

asyncrat default execution rat upx
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Command and Scripting Interpreter: PowerShell
  Run Powershell to execute payload.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultexecutionratupx