asyncrat | bf9aa6957a814d551d3ba7f96690ff76c79ff884718b3a0f16ab17b96c2637ff | Triage

Submit
Reports

Overview

overview

Static

static

1

Anarchy Panel 4.7.7z

windows10-2004-x64

Resubmissions

14-08-2024 22:02

240814-1yattssdkl 7

14-08-2024 21:57

240814-1vba7axcqg 10

14-08-2024 21:49

240814-1pk87sxakc 10

Sharing

General

Target

Anarchy Panel 4.7.7z
Size

52.3MB
Sample

240814-1pk87sxakc
MD5

40fa4dfb75a2ff3595435c374a5f5e68
SHA1

2086fd6c2f38fb20e87a50cf3ee27dfb68fa3843
SHA256

bf9aa6957a814d551d3ba7f96690ff76c79ff884718b3a0f16ab17b96c2637ff
SHA512

a0655a97428c2a1981015c7b819a207d119b82fe88242f8a0e703adf3eedd386de73412e428dfce1fcedacbbb04ff23775c66e21584f27b5065ed32f510da3de
SSDEEP

1572864:AN5bnkUpaR1Ju0aVJfQF593gMr8okmaHY5q2iSBHxhj3lF:Q5bkxbJOJfnMYoriIRhX

Score

10^/10

asyncrat stealerium stormkitty default rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

Anarchy Panel 4.7.7z

Resource

win10v2004-20240802-en

asyncrat stealerium stormkitty default rat stealer

windows10-2004-x64

18 signatures

600 seconds

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:5050

Attributes

delay
1
install
true
install_file
sex.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Anarchy Panel 4.7.7z
- Size
  
  52.3MB
- MD5
  
  40fa4dfb75a2ff3595435c374a5f5e68
- SHA1
  
  2086fd6c2f38fb20e87a50cf3ee27dfb68fa3843
- SHA256
  
  bf9aa6957a814d551d3ba7f96690ff76c79ff884718b3a0f16ab17b96c2637ff
- SHA512
  
  a0655a97428c2a1981015c7b819a207d119b82fe88242f8a0e703adf3eedd386de73412e428dfce1fcedacbbb04ff23775c66e21584f27b5065ed32f510da3de
- SSDEEP
  
  1572864:AN5bnkUpaR1Ju0aVJfQF593gMr8okmaHY5q2iSBHxhj3lF:Q5bkxbJOJfnMYoriIRhX
Score

10^/10

asyncrat stealerium stormkitty default rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Stealerium
  An open source info stealer written in C# first seen in May 2022.
  stealer stealerium
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Async RAT payload
  rat
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratstealeriumstormkittydefaultratstealer

© 2018-2024

Terms | Privacy