asyncrat | 5f9656c4d140f6ee84da24a9241e4c7e8db9b98ab32e9d860731dfbab2cf7477 | Triage

Submit
Reports

Overview

overview

Static

static

1

9eeb1ff959...e5.exe

windows7-x64

7

9eeb1ff959...e5.exe

windows10-2004-x64

Sharing

General

Target

9eeb1ff9590f0d56965dd0c3be237be5.exe
Size

3.1MB
Sample

250201-jvevyawqeq
MD5

9eeb1ff9590f0d56965dd0c3be237be5
SHA1

64155d81fe03af2725dca920e7aac156b6fa12e6
SHA256

5f9656c4d140f6ee84da24a9241e4c7e8db9b98ab32e9d860731dfbab2cf7477
SHA512

01c695d0ce60fb21fd32b90e232bcc51424554497e2ccf39ca5f3f0323a3707d15d82681c00daa45919dc7eed46e38c68332609899f12101342f99dc66c998e4
SSDEEP

49152:9qpkFI/uZ8ysZz87LsraENPGo+K79OAl9WdpJhz22miNAel3ZCTfZp:BmS8C879OAl9QV20AeGTX

Score

10^/10

asyncrat stormkitty venomrat discovery rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

9eeb1ff9590f0d56965dd0c3be237be5.exe

Resource

win7-20240903-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

9eeb1ff9590f0d56965dd0c3be237be5.exe

Resource

win10v2004-20250129-en

asyncrat stormkitty venomrat discovery rat stealer

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  9eeb1ff9590f0d56965dd0c3be237be5.exe
- Size
  
  3.1MB
- MD5
  
  9eeb1ff9590f0d56965dd0c3be237be5
- SHA1
  
  64155d81fe03af2725dca920e7aac156b6fa12e6
- SHA256
  
  5f9656c4d140f6ee84da24a9241e4c7e8db9b98ab32e9d860731dfbab2cf7477
- SHA512
  
  01c695d0ce60fb21fd32b90e232bcc51424554497e2ccf39ca5f3f0323a3707d15d82681c00daa45919dc7eed46e38c68332609899f12101342f99dc66c998e4
- SSDEEP
  
  49152:9qpkFI/uZ8ysZz87LsraENPGo+K79OAl9WdpJhz22miNAel3ZCTfZp:BmS8C879OAl9QV20AeGTX
Score

10^/10

discovery asyncrat stormkitty venomrat rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
- VenomRAT
  Detects VenomRAT.
  rat
- Venomrat family
  venomrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates processes with tasklist
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratstormkittyvenomratdiscoveryratstealer

© 2018-2025

Terms | Privacy