asyncrat | bc649a11850db40e2c753878c6ba390f8ea08c0e7fae4a9d4c44d470762cce53 | Triage

Sharing

General

Target

JaffaCakes118_bc649a11850db40e2c753878c6ba390f8ea08c0e7fae4a9d4c44d470762cce53
Size

107KB
Sample

241226-2sqhrstpgq
MD5

8a1045764a6a99ae682a0cb403b6e572
SHA1

c4ac3b6b8d63c066531118f8f666446f0def07f6
SHA256

bc649a11850db40e2c753878c6ba390f8ea08c0e7fae4a9d4c44d470762cce53
SHA512

37b656893ef9ebd6300b14386346c4c15f11c439776fbb4e55ae389673b486021eefdc7aeaff62527359187fd7417dd27f9687b8a5efec5c30d4c7c6b9df6689
SSDEEP

3072:arruvta31Om4EdBBQTvzTzZmwIuDV9o3pP:afOCyTtIuApP

Score

10^/10

asyncrat venom clients discovery rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT 5.0.5

Botnet

Venom Clients

C2

yedbopds.duckdns.org:9056

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  EKTEY03H.EXE
- Size
  
  300.0MB
- MD5
  
  93e5b5997ba7511c9648a679d24070d8
- SHA1
  
  97c0a7b98c7fe0728bec01fee5f5d3c4d1b34f00
- SHA256
  
  b2c0e249df623b4562efe97278af7671b24e5a1736291200617b19239d871034
- SHA512
  
  469513cbe362e1eea9f316859fa149063cd45c44de89e715a13e9d0ce1aebdd46a46b96476c6ff169cee587013ed5c20d10cfac99ab8fbffb85e750dcd1e3d16
- SSDEEP
  
  3072:+g8JUq6cg5wCacuLf67MJQn4TK/5DrNeusK:zmUBcgCCLuuyc4TKBDrNeux
Score

10^/10

asyncrat venom clients discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Executes dropped EXE
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratvenom clientsdiscoveryrat

behavioral2

asyncratvenom clientsdiscoveryrat