asyncrat | 62c6c51f713099e34da161990866e9e9f29495819cb176c914119a09a29a7c1f | Triage

Submit
Reports

Overview

overview

Static

static

1

Aurora-Ste...in.zip

windows10-ltsc 2021-x64

Sharing

General

Target

Aurora-Stealer-main.zip
Size

19.9MB
Sample

241029-p99lrawalp
MD5

1ee8ee4451acbed67105936ee445a5ac
SHA1

1382a2cda3cf2a288fd7b842f25bdeb500314cb1
SHA256

62c6c51f713099e34da161990866e9e9f29495819cb176c914119a09a29a7c1f
SHA512

d48586bc86846d1f6c70ff37bf84a5691ed1d59ac49d6a327d58aa40a751e3b8aef0e383f5c8b11501d453e193723935a31fda7d943413f2b61315a9321054e9
SSDEEP

393216:/DjvrXK10QzlBD5Z6qQPTgH5YQhohyPovOtBPfjbPmGD3ObxcYzvvT7Ycgp4Yn:7jvrauQzDrQrgCQhSycOtNBy3vKp4Yn

Score

10^/10

asyncrat stormkitty default discovery rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

Aurora-Stealer-main.zip

Resource

win10ltsc2021-20241023-en

asyncrat stormkitty default discovery rat stealer

windows10-ltsc 2021-x64

16 signatures

300 seconds

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

127.0.0.1:4449

Mutex

hwqarkrmtsomtkbpmu

Attributes

delay
1
install
true
install_file
MpDefenderCoreService.exe
install_folder
%Temp%

aes.plain

aes.plain

aes.plain

Targets

- Target
  
  Aurora-Stealer-main.zip
- Size
  
  19.9MB
- MD5
  
  1ee8ee4451acbed67105936ee445a5ac
- SHA1
  
  1382a2cda3cf2a288fd7b842f25bdeb500314cb1
- SHA256
  
  62c6c51f713099e34da161990866e9e9f29495819cb176c914119a09a29a7c1f
- SHA512
  
  d48586bc86846d1f6c70ff37bf84a5691ed1d59ac49d6a327d58aa40a751e3b8aef0e383f5c8b11501d453e193723935a31fda7d943413f2b61315a9321054e9
- SSDEEP
  
  393216:/DjvrXK10QzlBD5Z6qQPTgH5YQhohyPovOtBPfjbPmGD3ObxcYzvvT7Ycgp4Yn:7jvrauQzDrQrgCQhSycOtNBy3vKp4Yn
Score

10^/10

asyncrat stormkitty default discovery rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
- Async RAT payload
  rat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratstormkittydefaultdiscoveryratstealer

© 2018-2024

Terms | Privacy