Unmasking AsyncRAT: Navigating the labyrinth of forks

Aug. 12, 2025, 10:50 a.m.

Description

AsyncRAT, an open-source remote access trojan, has evolved into a sprawling network of forks and variants since its 2019 release. The article explores its origins, tracing influence from Quasar RAT, and maps out the relationships among various forks. DcRat and VenomRAT emerge as the most widely deployed variants, offering enhanced features and capabilities. Lesser-known forks like NonEuclid RAT, JasonRAT, and XieBroRAT introduce unique plugins and functionalities. The proliferation of AsyncRAT forks highlights the risks associated with open-source malware frameworks, lowering barriers for cybercriminals and contributing to an increasingly complex threat landscape.

External References

https://www.welivesecurity.com/en/eset-research/unmasking-asyncrat-navigating-labyrinth-forks/
https://otx.alienvault.com/pulse/689b15fe20990164171b8068
Tags
asyncrat
dcrat
venomrat
quasar rat
evasion techniques
remote access trojan
2025-07-16
2025-08-12
santarat
boratrat
xiebrorat
noneuclid rat
jasonrat
malware forks

Date

  • Created: Aug. 12, 2025, 10:22 a.m.
  • Published: Aug. 12, 2025, 10:22 a.m.
  • Modified: Aug. 12, 2025, 10:50 a.m.

Indicators

  • ce580173f80ea8926a342a00c2391769b1cddbfba790f49e78884f534ac3810d
  • cd66b5225632c087ef00c5b47f4924772203808d5ea377b3455cbae8e08ac41f
  • cb403c05f19d6144911c9cafa017c9c05f632b0daaf598937cfd984401c7a406
  • ba499f290dcd9101bf45d836982e9b7d6c8eadc7df3ebe69c1d022f9b88d1e9c
  • b88306f2ed133b9974c33ba731bde72510d1ec5a08a766f8e3299a3c3da33a67
  • 9a8dbbe51d9c9af6f5441e9df456ec33f1fdb00e576363c72d28dcf38ea60a6e
  • 927f69d3947c1e35d7fa3d7d77e8e46d9e5c38781db4bb1af18e9b27d7666fa8
  • 910d46e7b88983251e7235fb4e6d93b2f906e645b65dbc8cf8070110443254c5
  • 83d4c62361c62d27a8c3fa883c6ce961c49bc02807a887e5d7c443da05999a11
  • 8d62b295701f2744d654634775b8361b3861f6aa8e2a02589e714366314a497d
  • 6e577042fe47a87a18e1ca6de35e562b64d308c45b31ad1dd9a2d8531270d3e8
  • 6a51397e57a7a1c68cb7e341b520efc5bf10eccc55afebf7c5472b3b417408f1
  • 674bfa896f86cbefa2054917bd0c6f4d92fefddb44c980731dcdc1dc80872150
  • 6738a2a7e01e63db60c542d4a9be85d344e804384bec18aedbae91ab3f7eb607
  • 57cdeca5d774353b37affdb9f3bf50bff0e16140a9ced996f5ac3925de362074
  • 361460640ed375bf2c7728069ad647b79e13138680ad2444e58ce781d76d2200
  • 23b40e6b506a4767a8aa5b79972f7e6db079faa9f7e7bebbd29381deb6b0431e
  • 20e182848bc93bae086ff27514c971ebccafdb8e2d7c3ca038b1785365b12868
  • 0d2b60ff8d8772275afc7464386b59bce476e56b157ca0932b44ba4a994fb6ac
  • 522d4528ed25fe6ce9422b45ac4d162e7567330c0fcb274de247c4cb07ed794b
  • 319eebfe268b98849276901a885c1764cd0d964691fbe0d58689ef2a62f051c9
  • 14a5edabc087617810f9ff2aa7a27d3642863be143f4be27ef91df5dd2c64c21
Download all indicators here!

Attack Patterns

  • SantaRAT
  • BoratRAT
  • XieBroRAT
  • JasonRAT
  • NonEuclid RAT
  • VenomRAT
  • DcRat
  • Quasar RAT
  • AsyncRAT
  • AsyncRAT