asyncrat | 70e0812ded88b5159709e0bde051483af900540c9cc4b4c86e4b9aa749a8b4cc | Triage

Sharing

General

Target

70e0812ded88b5159709e0bde051483af900540c9cc4b4c86e4b9aa749a8b4cc
Size

74KB
Sample

250421-ykt97sttc1
MD5

9a31ae4cc3085df2a38fb061253c0e50
SHA1

05f6b3dd3bb64977a81f03eee8c9692925872158
SHA256

70e0812ded88b5159709e0bde051483af900540c9cc4b4c86e4b9aa749a8b4cc
SHA512

bbf8dd64ae6ea5f3f04f64f7025dc71a445d5e3fa1f948f3fe1754e509d9288b8e376ff21e3681c82faec87d9b450f30f448613009143f85dc1e0d441d2e87e2
SSDEEP

1536:uUf8cxMcpCn6PMV2e9VdQuDI6H1bf/5Z6QzcqLVclN:uU0cxMmw6PMV2e9VdQsH1bfeQbBY

Score

10^/10

asyncrat nonames rat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

nonames

C2

127.0.0.1:4449

127.0.0.1:8848

Mutex

14211353252643673735242343242

Attributes

delay
1
install
true
install_file
12414141.exe
install_folder
%Temp%

aes.plain

Targets

- Target
  
  70e0812ded88b5159709e0bde051483af900540c9cc4b4c86e4b9aa749a8b4cc
- Size
  
  74KB
- MD5
  
  9a31ae4cc3085df2a38fb061253c0e50
- SHA1
  
  05f6b3dd3bb64977a81f03eee8c9692925872158
- SHA256
  
  70e0812ded88b5159709e0bde051483af900540c9cc4b4c86e4b9aa749a8b4cc
- SHA512
  
  bbf8dd64ae6ea5f3f04f64f7025dc71a445d5e3fa1f948f3fe1754e509d9288b8e376ff21e3681c82faec87d9b450f30f448613009143f85dc1e0d441d2e87e2
- SSDEEP
  
  1536:uUf8cxMcpCn6PMV2e9VdQuDI6H1bf/5Z6QzcqLVclN:uU0cxMmw6PMV2e9VdQsH1bfeQbBY
Score

10^/10

asyncrat nonames rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratnonamesasyncrat

behavioral1

asyncratnonamesrat

behavioral2

asyncratnonamesrat