asyncrat | 2d25fa02fb76d661dd326bfac20a888f2207a5a4310faafb8a1c1e4d23d89580 | Triage

Sharing

General

Target

JaffaCakes118_2d25fa02fb76d661dd326bfac20a888f2207a5a4310faafb8a1c1e4d23d89580
Size

1.7MB
Sample

241230-yn56wayndt
MD5

ba39e9cb587c3f666793fa23e5b94b93
SHA1

8a1c3bee1b8ef4cf668d9ebc0f9490b900a7c9cd
SHA256

2d25fa02fb76d661dd326bfac20a888f2207a5a4310faafb8a1c1e4d23d89580
SHA512

41c7211a90e734e5e88592347f4c78a5f9a0674a9461b45d87b2d664b9e2890790edc5cb820b9986a0200088b912e02bc852d497f075df11efe8032b5091d576
SSDEEP

3072:GNXhPFgvncy6cgVRkj5sCQrSYY8tgZaBOUEs64BRg40nuFbl3TQ9:GNVyCRkjjQrS8tgZaBUeBRgul29

Score

10^/10

asyncrat venom clients discovery rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT 5.0.5

Botnet

Venom Clients

C2

theyk6836.duckdns.org:9026

Mutex

Venom_RAT_HVNC_Mutex_Venom RAT_HVNC

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  JaffaCakes118_2d25fa02fb76d661dd326bfac20a888f2207a5a4310faafb8a1c1e4d23d89580
- Size
  
  1.7MB
- MD5
  
  ba39e9cb587c3f666793fa23e5b94b93
- SHA1
  
  8a1c3bee1b8ef4cf668d9ebc0f9490b900a7c9cd
- SHA256
  
  2d25fa02fb76d661dd326bfac20a888f2207a5a4310faafb8a1c1e4d23d89580
- SHA512
  
  41c7211a90e734e5e88592347f4c78a5f9a0674a9461b45d87b2d664b9e2890790edc5cb820b9986a0200088b912e02bc852d497f075df11efe8032b5091d576
- SSDEEP
  
  3072:GNXhPFgvncy6cgVRkj5sCQrSYY8tgZaBOUEs64BRg40nuFbl3TQ9:GNVyCRkjjQrS8tgZaBUeBRgul29
Score

10^/10

asyncrat venom clients discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Executes dropped EXE
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratvenom clientsdiscoveryrat

behavioral2

asyncratvenom clientsdiscoveryrat