asyncrat

General

Target

230b143294c018f8fc6c36581be214e2d3725546bba0a241da12854052806005.exe
Size

6.2MB
Sample

250213-c5t92ssles
MD5

3cb427c5f783752ea688c135b516dbb4
SHA1

8a9e0937d7db2b951f50c7cc1f0ebf42aaafb21b
SHA256

230b143294c018f8fc6c36581be214e2d3725546bba0a241da12854052806005
SHA512

f35074310eb13beb43039b440af695500e0eb4ff9634a820be9838e6bddeda8ca7d05ef969fe21f2ffd856bb88022d6e6c0b3b59cb131b90dcae22fe238f9697
SSDEEP

98304:H7SmQ0OBrD+f8wNVrq2+ow64WfRnZUo7SmQ0OBrD+f8wNVrq2+ow64WfRnZUW:HOmSDktNjZUoOmSDktNjZUW

Score

10^/10

Malware Config

Targets

- Target
  
  230b143294c018f8fc6c36581be214e2d3725546bba0a241da12854052806005.exe
- Size
  
  6.2MB
- MD5
  
  3cb427c5f783752ea688c135b516dbb4
- SHA1
  
  8a9e0937d7db2b951f50c7cc1f0ebf42aaafb21b
- SHA256
  
  230b143294c018f8fc6c36581be214e2d3725546bba0a241da12854052806005
- SHA512
  
  f35074310eb13beb43039b440af695500e0eb4ff9634a820be9838e6bddeda8ca7d05ef969fe21f2ffd856bb88022d6e6c0b3b59cb131b90dcae22fe238f9697
- SSDEEP
  
  98304:H7SmQ0OBrD+f8wNVrq2+ow64WfRnZUo7SmQ0OBrD+f8wNVrq2+ow64WfRnZUW:HOmSDktNjZUoOmSDktNjZUW
Score

10^/10

asyncrat stormkitty discovery rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
- Downloads MZ/PE file
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

System Network Configuration Discovery

1

T1016

Internet Connection Discovery

1

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Asyncrat family

StormKitty

StormKitty payload

Stormkitty family

Downloads MZ/PE file

.NET Reactor proctector

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2