asyncrat | 644bf15ecd1fe95c3c559e130a2423618235661befac49ec017197936bf5efda | Triage

Sharing

General

Target

staffbesting.rar
Size

358KB
Sample

250129-v8hpjavjfz
MD5

961e2434f73d1ea24c9e390f839a2bf7
SHA1

5e5127fc1fb752d41b5e4feffa720272c884ae37
SHA256

644bf15ecd1fe95c3c559e130a2423618235661befac49ec017197936bf5efda
SHA512

07d7d71d3e7ec6c94cc4733112a65f0b5c0eb112092de8ea70e5f54b2c5c2cd7002323f9bcd8f2de781114be4d70ba5b8c16fabea9d8defa939ee1d5c629f586
SSDEEP

6144:50+LWIOQmUayBeHhBSN44WSuyltW5T0LGycZegsXz8HAVJbXHGSB2:50+L9OQtFNmriW5ILGbZQD8HAfme2

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

zzzxbdsybzu

Attributes

c2_url_file
https://paste.ee/r/COm4hFYr/0
delay
1
install
true
install_file
Systeam.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  staffbesting.rar
- Size
  
  358KB
- MD5
  
  961e2434f73d1ea24c9e390f839a2bf7
- SHA1
  
  5e5127fc1fb752d41b5e4feffa720272c884ae37
- SHA256
  
  644bf15ecd1fe95c3c559e130a2423618235661befac49ec017197936bf5efda
- SHA512
  
  07d7d71d3e7ec6c94cc4733112a65f0b5c0eb112092de8ea70e5f54b2c5c2cd7002323f9bcd8f2de781114be4d70ba5b8c16fabea9d8defa939ee1d5c629f586
- SSDEEP
  
  6144:50+LWIOQmUayBeHhBSN44WSuyltW5T0LGycZegsXz8HAVJbXHGSB2:50+L9OQtFNmriW5ILGbZQD8HAfme2
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat