asyncrat | e2f693427eb98ff14d97a66007433ddebb3a8311309e2b1f1a95a07c3ec397b4 | Triage

Sharing

General

Target

JaffaCakes118_e2f693427eb98ff14d97a66007433ddebb3a8311309e2b1f1a95a07c3ec397b4
Size

300.0MB
Sample

241221-y4tssaypdr
MD5

f2fe09806411a018f01bb6a12a80b2b2
SHA1

c08c933ff0bd50a1bded400f086378ddaab5ba4d
SHA256

e2f693427eb98ff14d97a66007433ddebb3a8311309e2b1f1a95a07c3ec397b4
SHA512

e435ef3941858b3e3a4d24bfd9778b9c683185472cdd326209dfdbfdc6cfdcea91fa01583985e586db01ef07749c5d1629091117661e7f60db0a9d0e4bd451b8
SSDEEP

3072:bXlvFgvATyfHSt0Vki6jKV1c2jZZIUh7yZGRXBOUEs64BRg40nuFbl3TQ9:b4vj562V/UZ+BUeBRgul29

Score

10^/10

asyncrat venom clients discovery rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT 5.0.5

Botnet

Venom Clients

C2

theyk6836.duckdns.org:9026

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  JaffaCakes118_e2f693427eb98ff14d97a66007433ddebb3a8311309e2b1f1a95a07c3ec397b4
- Size
  
  300.0MB
- MD5
  
  f2fe09806411a018f01bb6a12a80b2b2
- SHA1
  
  c08c933ff0bd50a1bded400f086378ddaab5ba4d
- SHA256
  
  e2f693427eb98ff14d97a66007433ddebb3a8311309e2b1f1a95a07c3ec397b4
- SHA512
  
  e435ef3941858b3e3a4d24bfd9778b9c683185472cdd326209dfdbfdc6cfdcea91fa01583985e586db01ef07749c5d1629091117661e7f60db0a9d0e4bd451b8
- SSDEEP
  
  3072:bXlvFgvATyfHSt0Vki6jKV1c2jZZIUh7yZGRXBOUEs64BRg40nuFbl3TQ9:b4vj562V/UZ+BUeBRgul29
Score

10^/10

asyncrat venom clients discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Executes dropped EXE
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratvenom clientsdiscoveryrat

behavioral2

asyncratvenom clientsdiscoveryrat