asyncrat | 40fb046cd3a136a4c55338295b05b887ea1de0ed7b7ae58fc0d3dc83ae54cba1 | Triage

Submit
Reports

Overview

overview

Static

static

Builder Wo...ro.zip

windows11-21h2-x64

Sharing

General

Target

Builder WorldWind Pro.zip
Size

1.2MB
Sample

250212-rc1npavlas
MD5

1a13f22219851b49296ede39fcc1f65c
SHA1

353bd26f2da850e5cd596ef58e3dc96dce5bd85b
SHA256

40fb046cd3a136a4c55338295b05b887ea1de0ed7b7ae58fc0d3dc83ae54cba1
SHA512

31c587b2da90256086a740a1cf3373f64a831ede833c3393b0e6656dc467aab1c7cadf0e96c74f18bc383e41dbb985117dfc92afb5ce26a4abfcb79394366e23
SSDEEP

24576:yBPkCkNVx9Ef4cQ+KG7SKaZ5g3hYiaThGKvIkrlb4yBpssssssss0P0uxRwlL93:okNVx9QVQWOKT3/a1wkrlb10PVxSv3

Score

10^/10

asyncrat redline stormkitty default discovery infostealer rat

Static task

static1

rat default asyncrat stormkitty

5 signatures

Behavioral task

behavioral1

Sample

Builder WorldWind Pro.zip

Resource

win11-20250211-en

redline discovery infostealer

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Builder WorldWind Pro.zip
- Size
  
  1.2MB
- MD5
  
  1a13f22219851b49296ede39fcc1f65c
- SHA1
  
  353bd26f2da850e5cd596ef58e3dc96dce5bd85b
- SHA256
  
  40fb046cd3a136a4c55338295b05b887ea1de0ed7b7ae58fc0d3dc83ae54cba1
- SHA512
  
  31c587b2da90256086a740a1cf3373f64a831ede833c3393b0e6656dc467aab1c7cadf0e96c74f18bc383e41dbb985117dfc92afb5ce26a4abfcb79394366e23
- SSDEEP
  
  24576:yBPkCkNVx9Ef4cQ+KG7SKaZ5g3hYiaThGKvIkrlb4yBpssssssss0P0uxRwlL93:okNVx9QVQWOKT3/a1wkrlb10PVxSv3
Score

10^/10

redline discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncratstormkitty

behavioral1

redlinediscoveryinfostealer

© 2018-2025

Terms | Privacy