asyncrat | ff98728bb7bfa7fdd9f1da1f6b45fe64fb46b4bd7fef58634fad01d3b37ec155 | Triage

Sharing

General

Target

Client.exe
Size

73KB
Sample

250118-qpmf6atrgs
MD5

72be20fab9bcccfdf8dd9b4b57e358b1
SHA1

852c3f5ac59b188561ca9701aaa34c8a877bfae0
SHA256

ff98728bb7bfa7fdd9f1da1f6b45fe64fb46b4bd7fef58634fad01d3b37ec155
SHA512

c2a4e9674e85f0d7b474aa53f540ef1a8c0aea97ca020560a148c0915731fdfd84dc957e790d54e47d2b61fe75714960b902096ef6ade1f3478d6edc8957f6c5
SSDEEP

1536:LUUPcxVteCW7PMVee9VdQkhDIyH1bf/5o7nRQzc33VclN:LUmcxV4x7PMVee9VdQgH1bfcRQylY

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

193.161.193.99:52920

193.161.193.99:3333

Mutex

nfpzlqliopdz

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Client.exe
- Size
  
  73KB
- MD5
  
  72be20fab9bcccfdf8dd9b4b57e358b1
- SHA1
  
  852c3f5ac59b188561ca9701aaa34c8a877bfae0
- SHA256
  
  ff98728bb7bfa7fdd9f1da1f6b45fe64fb46b4bd7fef58634fad01d3b37ec155
- SHA512
  
  c2a4e9674e85f0d7b474aa53f540ef1a8c0aea97ca020560a148c0915731fdfd84dc957e790d54e47d2b61fe75714960b902096ef6ade1f3478d6edc8957f6c5
- SSDEEP
  
  1536:LUUPcxVteCW7PMVee9VdQkhDIyH1bf/5o7nRQzc33VclN:LUmcxV4x7PMVee9VdQgH1bfcRQylY
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

defaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat