asyncrat | 01acf24e5951a2d6d9723153be9bded08a12a93eb0d2d23296e46946398ad47d | Triage

Sharing

General

Target

dfsdfsefsdf.exe
Size

314KB
Sample

240803-r3da3s1cqg
MD5

1e70b1f2dfa3d0fac7676bf4c640ab26
SHA1

212ec263d1ad3d8b253ab333add181f05ab29f5f
SHA256

01acf24e5951a2d6d9723153be9bded08a12a93eb0d2d23296e46946398ad47d
SHA512

599a624c274069f011c580419dab9484b1efd23881cadb1b740809c6a29325ff2d2b3b0b828ea9ba0d37e83fb524b8d5052b8a9151be56b9d6cc503cedefb9c9
SSDEEP

6144:CUGv5Qw2U2sdKRUtlKZIIHDmu+Bi2OQbQzyu:qvOwrrdPIauCysQP

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

127.0.0.1:4449

127.0.0.1:448

127.0.0.1:30335

147.185.221.21:4449

147.185.221.21:448

147.185.221.21:30335

Mutex

svgzneojcizyxlbkbtz

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  dfsdfsefsdf.exe
- Size
  
  314KB
- MD5
  
  1e70b1f2dfa3d0fac7676bf4c640ab26
- SHA1
  
  212ec263d1ad3d8b253ab333add181f05ab29f5f
- SHA256
  
  01acf24e5951a2d6d9723153be9bded08a12a93eb0d2d23296e46946398ad47d
- SHA512
  
  599a624c274069f011c580419dab9484b1efd23881cadb1b740809c6a29325ff2d2b3b0b828ea9ba0d37e83fb524b8d5052b8a9151be56b9d6cc503cedefb9c9
- SSDEEP
  
  6144:CUGv5Qw2U2sdKRUtlKZIIHDmu+Bi2OQbQzyu:qvOwrrdPIauCysQP
Score

10^/10

discovery asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultdiscoveryrat