asyncrat | 57490eab4c55cabedda2c747d8af7e7fb78546fb12bcaec6b56c33be7db09247 | Triage

Sharing

General

Target

57490eab4c55cabedda2c747d8af7e7fb78546fb12bcaec6b56c33be7db09247
Size

74KB
Sample

250123-a131aatmdt
MD5

fce70f9f47e53c7f136ea47a62230c1b
SHA1

6f6960817fa0f6743f0500ca1930382f20b44097
SHA256

57490eab4c55cabedda2c747d8af7e7fb78546fb12bcaec6b56c33be7db09247
SHA512

1dac4ad880071d0e48f7d34fd41e81e9ffa4ee83397d7c58956200b5ecb9653c78b2cfbb31ae7c40710a86de44a6f6ea76bec1a16f05202e358e8094b2630a13
SSDEEP

1536:2UINwcxKHXwzCtmPMV2e9VdQuDI6H1bf/ITV+0QzcqLVclN:2UIicxK8WmPMV2e9VdQsH1bfm40QbBY

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

127.0.0.1:4449

2.56.109.146:4449

Mutex

asdasfhjggf

Attributes

delay
1
install
true
install_file
client.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  57490eab4c55cabedda2c747d8af7e7fb78546fb12bcaec6b56c33be7db09247
- Size
  
  74KB
- MD5
  
  fce70f9f47e53c7f136ea47a62230c1b
- SHA1
  
  6f6960817fa0f6743f0500ca1930382f20b44097
- SHA256
  
  57490eab4c55cabedda2c747d8af7e7fb78546fb12bcaec6b56c33be7db09247
- SHA512
  
  1dac4ad880071d0e48f7d34fd41e81e9ffa4ee83397d7c58956200b5ecb9653c78b2cfbb31ae7c40710a86de44a6f6ea76bec1a16f05202e358e8094b2630a13
- SSDEEP
  
  1536:2UINwcxKHXwzCtmPMV2e9VdQuDI6H1bf/ITV+0QzcqLVclN:2UIicxK8WmPMV2e9VdQsH1bfm40QbBY
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat