asyncrat | 60837ecb4271e7348591ab1d8ee69dabf9071677694fb024493497af43855f25 | Triage

Submit
Reports

Overview

overview

Static

static

3

build.exe

windows11-21h2-x64

Sharing

General

Target

build.exe
Size

6.7MB
Sample

241008-yy66xswakb
MD5

28ef4cb352cfe60d068b08f677f3689f
SHA1

1efb5e55b13e15ed534c711efee79c62e36c8eea
SHA256

60837ecb4271e7348591ab1d8ee69dabf9071677694fb024493497af43855f25
SHA512

ec16acce2053d91f835c31aa453a4415b281fc041e1d4a23fe90631bc2acaf6c9bf6531f0332e2cf954660ac01d0e3f031c64e74988e06bee0d332814acc639c
SSDEEP

98304:XStzEq9xypvogUuuhDYbkqKTU5QgFFgG6INdOzs:WnTY84QuuG6INys

Score

10^/10

asyncrat stormkitty discovery persistence rat stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

build.exe

Resource

win11-20241007-en

asyncrat stormkitty discovery persistence rat stealer

windows11-21h2-x64

15 signatures

1800 seconds

Malware Config

Targets

- Target
  
  build.exe
- Size
  
  6.7MB
- MD5
  
  28ef4cb352cfe60d068b08f677f3689f
- SHA1
  
  1efb5e55b13e15ed534c711efee79c62e36c8eea
- SHA256
  
  60837ecb4271e7348591ab1d8ee69dabf9071677694fb024493497af43855f25
- SHA512
  
  ec16acce2053d91f835c31aa453a4415b281fc041e1d4a23fe90631bc2acaf6c9bf6531f0332e2cf954660ac01d0e3f031c64e74988e06bee0d332814acc639c
- SSDEEP
  
  98304:XStzEq9xypvogUuuhDYbkqKTU5QgFFgG6INdOzs:WnTY84QuuG6INys
Score

10^/10

asyncrat stormkitty discovery persistence rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratstormkittydiscoverypersistenceratstealer

© 2018-2024

Terms | Privacy