asyncrat | b01d928331e2b87a961b1a5953bc7dbb8d757c250f1343d731e3b6bb20591243 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

ADFoyxP.exe

windows11-21h2-x64

Resubmissions

12/03/2025, 13:04

250312-qa6aqa1thy 10

12/03/2025, 12:57

250312-p6x4jssmx9 10

12/03/2025, 12:45

250312-pzgg8az1dw 10

Sharing

General

Target

ADFoyxP.exe
Size

3.5MB
Sample

250312-qa6aqa1thy
MD5

45c1abfb717e3ef5223be0bfc51df2de
SHA1

4c074ea54a1749bf1e387f611dea0d940deea803
SHA256

b01d928331e2b87a961b1a5953bc7dbb8d757c250f1343d731e3b6bb20591243
SHA512

3d667f5ada9b62706be003ba42c4390177fc47c82d1d9fa9eaca36e36422e77b894f5ec92ad7a143b7494a5a4b43d6eb8af91cb54e78984bb6e8350df5c34546
SSDEEP

98304:UePnIk+fZcURguwJaPquzFJi0E3znjVxkC2b4VbD:LfIzRtguwgqo5E33wIVbD

Score

10^/10

asyncrat stormkitty discovery execution rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

ADFoyxP.exe

Resource

win11-20250217-uk

asyncrat stormkitty discovery execution rat stealer

windows11-21h2-x64

20 signatures

900 seconds

Malware Config

Targets

- Target
  
  ADFoyxP.exe
- Size
  
  3.5MB
- MD5
  
  45c1abfb717e3ef5223be0bfc51df2de
- SHA1
  
  4c074ea54a1749bf1e387f611dea0d940deea803
- SHA256
  
  b01d928331e2b87a961b1a5953bc7dbb8d757c250f1343d731e3b6bb20591243
- SHA512
  
  3d667f5ada9b62706be003ba42c4390177fc47c82d1d9fa9eaca36e36422e77b894f5ec92ad7a143b7494a5a4b43d6eb8af91cb54e78984bb6e8350df5c34546
- SSDEEP
  
  98304:UePnIk+fZcURguwJaPquzFJi0E3znjVxkC2b4VbD:LfIzRtguwgqo5E33wIVbD
Score

10^/10

asyncrat stormkitty discovery execution rat stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Stormkitty family
  stormkitty
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Drops startup file
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Process Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratstormkittydiscoveryexecutionratstealer

© 2018-2025

Terms | Privacy