asyncrat | dd94071cab75b6c0edd947b57439ec3a70e0c45fa9add74396d9a8058cfcd879 | Triage

Sharing

General

Target

JaffaCakes118_dd94071cab75b6c0edd947b57439ec3a70e0c45fa9add74396d9a8058cfcd879
Size

426KB
Sample

241230-w1y7zsspbq
MD5

168378e8a46b7d46dff6f1ef480e35c1
SHA1

03f9d268aa5fc76e623175f43570a85cb246bf07
SHA256

dd94071cab75b6c0edd947b57439ec3a70e0c45fa9add74396d9a8058cfcd879
SHA512

4dec9d14fa148031ff2fce5111d2f7c4153787ebc3c46b27934892ea92b9d5377d196abcbbe5fdd3336dd26f6d601e162468d780f6d3fd4d26cb169b0dd038c3
SSDEEP

6144:4+7NTvA0b6XG1MRTlwQaZmrH6YqsYJuAg5/41iOO7gvqipDi/+:4ovt621MHamrH6YGuAa/41itsvqKY+

Score

10^/10

asyncrat venom clients discovery rat

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Venom Clients

C2

venom12345.duckdns.org:4449

venomunverified.duckdns.org:4449

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  JaffaCakes118_dd94071cab75b6c0edd947b57439ec3a70e0c45fa9add74396d9a8058cfcd879
- Size
  
  426KB
- MD5
  
  168378e8a46b7d46dff6f1ef480e35c1
- SHA1
  
  03f9d268aa5fc76e623175f43570a85cb246bf07
- SHA256
  
  dd94071cab75b6c0edd947b57439ec3a70e0c45fa9add74396d9a8058cfcd879
- SHA512
  
  4dec9d14fa148031ff2fce5111d2f7c4153787ebc3c46b27934892ea92b9d5377d196abcbbe5fdd3336dd26f6d601e162468d780f6d3fd4d26cb169b0dd038c3
- SSDEEP
  
  6144:4+7NTvA0b6XG1MRTlwQaZmrH6YqsYJuAg5/41iOO7gvqipDi/+:4ovt621MHamrH6YGuAa/41itsvqKY+
Score

10^/10

asyncrat venom clients discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratvenom clientsdiscoveryrat

behavioral2

asyncratvenom clientsdiscoveryrat