asyncrat | 7e129f68ebb1e8730941dcf50344e256bd0e32f29cac0e641426b88a17e131c6 | Triage

Submit
Reports

Overview

overview

Static

static

1

vfrcxq.ps1

windows7-x64

8

vfrcxq.ps1

windows10-2004-x64

Sharing

General

Target

vfrcxq.ps1
Size

1KB
Sample

250101-jqy31s1ran
MD5

0cdc732f0ded614eb23c08213bcf1e04
SHA1

0cbca39b7b1a0ec9b930c38c1c60d50feed74ee3
SHA256

7e129f68ebb1e8730941dcf50344e256bd0e32f29cac0e641426b88a17e131c6
SHA512

86c92258d18f25c97215c68cd4ef09b0c1433ea9de27c00247537ea8a7c187d4428b1cb151c785d5544f17da8ba9b138ef59efd3c7f7546240bf7ae5a5b29eb7

Score

10^/10

asyncrat stormkitty discovery execution rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

vfrcxq.ps1

Resource

win7-20240708-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

vfrcxq.ps1

Resource

win10v2004-20241007-en

asyncrat stormkitty discovery execution rat stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  vfrcxq.ps1
- Size
  
  1KB
- MD5
  
  0cdc732f0ded614eb23c08213bcf1e04
- SHA1
  
  0cbca39b7b1a0ec9b930c38c1c60d50feed74ee3
- SHA256
  
  7e129f68ebb1e8730941dcf50344e256bd0e32f29cac0e641426b88a17e131c6
- SHA512
  
  86c92258d18f25c97215c68cd4ef09b0c1433ea9de27c00247537ea8a7c187d4428b1cb151c785d5544f17da8ba9b138ef59efd3c7f7546240bf7ae5a5b29eb7
Score

10^/10

execution asyncrat stormkitty discovery rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratstormkittydiscoveryexecutionratstealer

© 2018-2025

Terms | Privacy