asyncrat | aa7bac8f487e48aebeb4314e00ea2f965e565d7cf5add605b649f4c0dfc21b1a | Triage

Sharing

General

Target

18480524505.zip
Size

5.1MB
Sample

240806-vefcbayaqb
MD5

a0c188cac2e6a7835466d9f0497c9f0c
SHA1

bb9ee9ce87e14771bda7384adf9a0345ede43c1e
SHA256

aa7bac8f487e48aebeb4314e00ea2f965e565d7cf5add605b649f4c0dfc21b1a
SHA512

b7faecd123a201a2f5d44d3665294c34bb2598f4804f991b3502aeddaa49e6931befe7f37eada276275efe0d5187f1e16727f225c5176249b0da0a6c4896206d
SSDEEP

98304:zIT1JOssb72iuQYNPmaFuAWo58XUsxmiC4OB+v5ngxca/zOsp43LOGPq44QnDKd:zI5vsbaiuRN+apD58XU+B0oxgFasp43A

Score

10^/10

asyncrat default discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.2

Botnet

Default

C2

91.92.248.82:4343

Mutex

mjbrqycafbygy

Attributes

delay
11
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  77e6d7aee5bef0a0ea6ab7ada94420b3ddef461bc51b0fface3a75e2eb1965e7
- Size
  
  8.7MB
- MD5
  
  32b22925a8b07544e2d4fc57dd79ba0f
- SHA1
  
  338fbb0d2e7b06c87c94dc7888fdb6e9d712e800
- SHA256
  
  77e6d7aee5bef0a0ea6ab7ada94420b3ddef461bc51b0fface3a75e2eb1965e7
- SHA512
  
  708a0de7a1e4d420aa9ceb85529f0fea5cacf9774732860cc037d8b359f505cddd5f59a2fa0f242fcfa0c245a299555404c26d14df91c751a661811dad5450ba
- SSDEEP
  
  98304:NF3hbrGUjo4lV0UQy82tRdC9fy56u3z2IjJYE:NvbaUjo4nlFzdC9Q6H6J
Score

10^/10

asyncrat default discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoverypersistencerat