asyncrat | 913c27a9d6e08e37f8fee60c6d5f424d8e220c930071baea68390aaa028ebc72 | Triage

Submit
Reports

Overview

overview

Static

static

3

pic4.jpg.exe

windows7-x64

pic4.jpg.exe

windows10-2004-x64

Sharing

General

Target

pic4.jpg.exe
Size

2.6MB
Sample

240922-m9pv8swgjp
MD5

2881d62826eb02ac92a022b2155e4007
SHA1

6f4f17a34a7c0d0511e417440f40eb6094fa7f11
SHA256

913c27a9d6e08e37f8fee60c6d5f424d8e220c930071baea68390aaa028ebc72
SHA512

a8b09aa3db334e8ab0c7a09749743979bd74e62457a997f3014357c852e6c6875f59dd8f1c09f62c5bb317f7a04f9dc31c9cdd24b2a56fee44c7d600b519010b
SSDEEP

49152:8PHN1/Gcsd7TY1vb6JxKrcETkA6RbsgoT2LsjGjxP5Dr5rAmskf7Wd:CHNNGcG7TY1vM/ETduQBT2LQGjbDrimc

Score

10^/10

asyncrat stealerium stormkitty discovery rat stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

pic4.jpg.exe

Resource

win7-20240903-en

asyncrat stealerium stormkitty discovery rat stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

pic4.jpg.exe

Resource

win10v2004-20240802-en

asyncrat stealerium stormkitty discovery rat stealer

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  pic4.jpg.exe
- Size
  
  2.6MB
- MD5
  
  2881d62826eb02ac92a022b2155e4007
- SHA1
  
  6f4f17a34a7c0d0511e417440f40eb6094fa7f11
- SHA256
  
  913c27a9d6e08e37f8fee60c6d5f424d8e220c930071baea68390aaa028ebc72
- SHA512
  
  a8b09aa3db334e8ab0c7a09749743979bd74e62457a997f3014357c852e6c6875f59dd8f1c09f62c5bb317f7a04f9dc31c9cdd24b2a56fee44c7d600b519010b
- SSDEEP
  
  49152:8PHN1/Gcsd7TY1vb6JxKrcETkA6RbsgoT2LsjGjxP5Dr5rAmskf7Wd:CHNNGcG7TY1vM/ETduQBT2LQGjbDrimc
Score

10^/10

asyncrat stealerium stormkitty discovery rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Stealerium
  An open source info stealer written in C# first seen in May 2022.
  stealer stealerium
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratstealeriumstormkittydiscoveryratstealer

behavioral2

asyncratstealeriumstormkittydiscoveryratstealer

© 2018-2024

Terms | Privacy