asyncrat | cf154a7b0efc6f02c475e4c44a410faed6129b356c6688b4f63deb9bae517048 | Triage

Sharing

General

Target

SecuriteInfo.com.Win32.Evo-gen.4339.10971
Size

194KB
Sample

241202-sm6s5avmbr
MD5

9a5ab5436636d809711978aad14df6cd
SHA1

1744bd4f71c21e08457516d7f59858dddfa63654
SHA256

cf154a7b0efc6f02c475e4c44a410faed6129b356c6688b4f63deb9bae517048
SHA512

c20b609378ca0ec0f9f9cb873ae2adec881b8ebcca1df9416c52181bacba59ed73b60c262e5f88a6032c438902c288b29928231278e1426c7473525d5aa829c0
SSDEEP

6144:Qnp7UdP0CntU5299UdPBow0vBiB39ixJZd37QW2:Oy0CtU5kvBg39ixFrv2

Score

10^/10

asyncrat venomrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

82.115.223.244:4449

Mutex

fnpxcekdvtg

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  SecuriteInfo.com.Win32.Evo-gen.4339.10971
- Size
  
  194KB
- MD5
  
  9a5ab5436636d809711978aad14df6cd
- SHA1
  
  1744bd4f71c21e08457516d7f59858dddfa63654
- SHA256
  
  cf154a7b0efc6f02c475e4c44a410faed6129b356c6688b4f63deb9bae517048
- SHA512
  
  c20b609378ca0ec0f9f9cb873ae2adec881b8ebcca1df9416c52181bacba59ed73b60c262e5f88a6032c438902c288b29928231278e1426c7473525d5aa829c0
- SSDEEP
  
  6144:Qnp7UdP0CntU5299UdPBow0vBiB39ixJZd37QW2:Oy0CtU5kvBg39ixFrv2
Score

10^/10

asyncrat venomrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- VenomRAT
  Detects VenomRAT.
  rat
- Venomrat family
  venomrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratvenomratdefaultdiscoveryrat

behavioral2

asyncratvenomratdefaultdiscoveryrat