asyncrat | 05af19f88159fdc48e4039627198ddffacceb086e67a5fe0a76379a490be75a6 | Triage

Sharing

General

Target

JaffaCakes118_05af19f88159fdc48e4039627198ddffacceb086e67a5fe0a76379a490be75a6
Size

300.0MB
Sample

241229-gs3swavlcv
MD5

3bfc4f5d058aac39f3cd1cc7771fb376
SHA1

4f400860ad6e90f17b6abe3f925de5fe47dac4ba
SHA256

05af19f88159fdc48e4039627198ddffacceb086e67a5fe0a76379a490be75a6
SHA512

263be832f00990f423febb1be6f7871841c695c876f051a6f0906dfa9cb577f00b5a6a610fdf36a8c5d3323d2e8b5e171d78fe2e42b4bf6114d6c76476fa236e
SSDEEP

6144:duoCmQdnCJGib1C5mb67X3UIAPaQxgm5LqGZAoyT24sc+n9fiibGd2HzZ:duL8JGib05b7XE2Q4+4Y

Score

10^/10

asyncrat venom clients discovery rat

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Venom Clients

C2

venom12345.duckdns.org:4449

venomunverified.duckdns.org:4449

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  JaffaCakes118_05af19f88159fdc48e4039627198ddffacceb086e67a5fe0a76379a490be75a6
- Size
  
  300.0MB
- MD5
  
  3bfc4f5d058aac39f3cd1cc7771fb376
- SHA1
  
  4f400860ad6e90f17b6abe3f925de5fe47dac4ba
- SHA256
  
  05af19f88159fdc48e4039627198ddffacceb086e67a5fe0a76379a490be75a6
- SHA512
  
  263be832f00990f423febb1be6f7871841c695c876f051a6f0906dfa9cb577f00b5a6a610fdf36a8c5d3323d2e8b5e171d78fe2e42b4bf6114d6c76476fa236e
- SSDEEP
  
  6144:duoCmQdnCJGib1C5mb67X3UIAPaQxgm5LqGZAoyT24sc+n9fiibGd2HzZ:duL8JGib05b7XE2Q4+4Y
Score

10^/10

asyncrat venom clients discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratvenom clientsdiscoveryrat

behavioral2

asyncratvenom clientsdiscoveryrat