asyncrat | aa25b09c0498daa80de2a413073b2e12c4dd5da6da775d67ca34622349d91eff | Triage

Sharing

General

Target

shellcode_loader.exe
Size

1.7MB
Sample

250413-ajhm1st1fv
MD5

7738fc1c644e75954d87e59f607c1dc1
SHA1

88797699e2449c749c3cf47b445e1802de3f0d0d
SHA256

aa25b09c0498daa80de2a413073b2e12c4dd5da6da775d67ca34622349d91eff
SHA512

08b8fdc3c181c7b76ec3b88dc04b7a8f2e73672ceb50743339558259a0a302b9b59704d5828a9f31b6505c5cdfbfcc93dc12a7944e8330ff8f1cafb38dd1ac06
SSDEEP

49152:4JbX0Bj7/5I+plh3dfd3hgkc+bVhdk4IU6ia:oG59eH+

Score

10^/10

asyncrat venomrat default rat

Malware Config

Extracted

Family

asyncrat

Version

L838 RAT v1.0.0

Botnet

Default

Mutex

sfsafqagbiv

Attributes

delay
1
install
true
install_file
Runtime Broker.exe
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/rVJQPNVe

aes.plain

Targets

- Target
  
  shellcode_loader.exe
- Size
  
  1.7MB
- MD5
  
  7738fc1c644e75954d87e59f607c1dc1
- SHA1
  
  88797699e2449c749c3cf47b445e1802de3f0d0d
- SHA256
  
  aa25b09c0498daa80de2a413073b2e12c4dd5da6da775d67ca34622349d91eff
- SHA512
  
  08b8fdc3c181c7b76ec3b88dc04b7a8f2e73672ceb50743339558259a0a302b9b59704d5828a9f31b6505c5cdfbfcc93dc12a7944e8330ff8f1cafb38dd1ac06
- SSDEEP
  
  49152:4JbX0Bj7/5I+plh3dfd3hgkc+bVhdk4IU6ia:oG59eH+
Score

10^/10

asyncrat venomrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- VenomRAT
  Detects VenomRAT.
  rat
- Venomrat family
  venomrat
- Async RAT payload
  rat
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratvenomratdefaultrat