asyncrat | 8a04e9a762cfd139b2da4df34b2431c9d1381968153b96997e1a793c7cbc0fff | Triage

Sharing

General

Target

StartupScript_06149941.cmd
Size

173KB
Sample

250330-xbj77stzcx
MD5

dd2c10bb72f3966b578922210671c8ad
SHA1

40ce88863c1cf5fd7eb1a822c9f0e4c3746ff166
SHA256

8a04e9a762cfd139b2da4df34b2431c9d1381968153b96997e1a793c7cbc0fff
SHA512

4c96deda1671bdeb2555f74fa22265e65068cb24edfaaae07027cc947c3073d6be88614132e2f7d5650da662bebe5287cb9cb71949aa4c066c063dc3761dea29
SSDEEP

3072:NnY3BcQvzcjz2mB9wjZHVvNPJlaBMNPjTMiJ9rW/7vGJAcJGcC+KL0wkW9V8DqH+:xY3BcQvzcjz2mB9wjZ1FRl0MFFrEbHfm

Score

10^/10

asyncrat venomrat default execution rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

196.251.90.23:6900

Mutex

wvtewswvegxawehou

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  StartupScript_06149941.cmd
- Size
  
  173KB
- MD5
  
  dd2c10bb72f3966b578922210671c8ad
- SHA1
  
  40ce88863c1cf5fd7eb1a822c9f0e4c3746ff166
- SHA256
  
  8a04e9a762cfd139b2da4df34b2431c9d1381968153b96997e1a793c7cbc0fff
- SHA512
  
  4c96deda1671bdeb2555f74fa22265e65068cb24edfaaae07027cc947c3073d6be88614132e2f7d5650da662bebe5287cb9cb71949aa4c066c063dc3761dea29
- SSDEEP
  
  3072:NnY3BcQvzcjz2mB9wjZHVvNPJlaBMNPjTMiJ9rW/7vGJAcJGcC+KL0wkW9V8DqH+:xY3BcQvzcjz2mB9wjZ1FRl0MFFrEbHfm
Score

10^/10

execution asyncrat venomrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- VenomRAT
  Detects VenomRAT.
  rat
- Venomrat family
  venomrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratvenomratdefaultexecutionrat