asyncrat | 23ba903e14ce489c912103322b57f13c20fdfbd0adadc39b04ccf863756606ea | Triage

Sharing

General

Target

test.exe
Size

74KB
Sample

250116-yxsbdawrfy
MD5

abd515c6d94c2de7edb2bd80023ef988
SHA1

228cf893387a11fdf8493dffee4624229c5b49aa
SHA256

23ba903e14ce489c912103322b57f13c20fdfbd0adadc39b04ccf863756606ea
SHA512

8673fa4fa22f7ddaa889a4a9baad60b86cae039d5b12fd5a8cd804f38d015808433f8f337e0f768e34e264d29bc1634640ef3bd7d56eace5c0ef13395b16898c
SSDEEP

1536:EUckcx4VHsC0SPMVc4SfSzyIrH1bi/AEpFnfwQzc2LVclN:EUpcx4GfSPMVc4SSH1biJbfwQPBY

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

Rmc

Attributes

delay
1
install
false
install_folder
%AppData%
pastebin_config
https://pastebin.com/iRj0W279

aes.plain

Targets

- Target
  
  test.exe
- Size
  
  74KB
- MD5
  
  abd515c6d94c2de7edb2bd80023ef988
- SHA1
  
  228cf893387a11fdf8493dffee4624229c5b49aa
- SHA256
  
  23ba903e14ce489c912103322b57f13c20fdfbd0adadc39b04ccf863756606ea
- SHA512
  
  8673fa4fa22f7ddaa889a4a9baad60b86cae039d5b12fd5a8cd804f38d015808433f8f337e0f768e34e264d29bc1634640ef3bd7d56eace5c0ef13395b16898c
- SSDEEP
  
  1536:EUckcx4VHsC0SPMVc4SfSzyIrH1bi/AEpFnfwQzc2LVclN:EUpcx4GfSPMVc4SSH1biJbfwQPBY
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat