[ MALWARE MUTEX INTELLIGENCE DATABASE ]
 ███████╗██╗   ██╗██╗██╗         ███╗   ███╗██╗   ██╗████████╗███████╗██╗  ██╗
 ██╔════╝██║   ██║██║██║         ████╗ ████║██║   ██║╚══██╔══╝██╔════╝╚██╗██╔╝
█████╗  ██║   ██║██║██║         ██╔████╔██║██║   ██║   ██║   █████╗   ╚███╔╝
██╔══╝  ╚██╗ ██╔╝██║██║         ██║╚██╔╝██║██║   ██║   ██║   ██╔══╝   ██╔██╗
 ███████╗ ╚████╔╝ ██║███████╗    ██║ ╚═╝ ██║╚██████╔╝   ██║   ███████╗██╔╝ ██╗
 ╚══════╝  ╚═══╝  ╚═╝╚══════╝    ╚═╝     ╚═╝ ╚═════╝    ╚═╝   ╚══════╝╚═╝  ╚═╝

Advanced Malware Analysis & Threat Intelligence

06:17:09
[ALL_FAMILIES]

3LOSH RAT

rat1 mutex signatures

[BASIC_INFORMATION]

FAMILY_NAME:
3LOSH RAT
CATEGORY:
RAT
DESCRIPTION:
3LOSH RAT (3loshrat) is a fork of AsyncRat that provides attackers with remote control capabilities over compromised systems. It uses specific mutexes to ensure single instance execution and coordinate its activities on the infected system.
ALIASES:
3loshrat
TAGS:
remote_accessbackdoorwindowsasyncrat_forkpersistence

[MUTEX_SIGNATURES](1)

[MUTEX_01]
AsyncMutex_Devil
ANALYST: @adhikara13 DATE: 2024-12-19
REFERENCES:
https://tria.ge/221215-ssfh5acf75/behavioral3/analog?main_event=Mutex&q=&mutant=AsyncMutex_Devil
https://app.any.run/tasks/a8254afb-57de-4e78-a8b6-173ce88ffb62?malconf=66fcb7d32f4ad79febb7fb05

[QUICK_ACTIONS]

[THREAT_INTELLIGENCE]

ATTRIBUTION:
Unknown
FIRST_OBSERVED:
2022

[SIGMA_RULE]

[STATISTICS]
MUTEX_COUNT:1
THREAT_ACTORS:1
ALIASES:1
TAGS:5
CATEGORY:RAT
 Malware profile loaded successfully 
 EvilMutex Project v1.0.0 
 Open Source Threat Intelligence Database 
[GITHUB][DOCS]