asyncrat | 6caf398dd07a03dc116fa8562b0daf0973d16309299cb9664d2efbc82bdb3069 | Triage

Submit
Reports

Overview

overview

Static

static

invoice-ID9411548.vbs

windows7_x64

invoice-ID9411548.vbs

windows10_x64

Sharing

General

Target

invoice-ID9411548.vbs
Size

1KB
Sample

210101-6qab5xseyn
MD5

f9e8a25600c4bc01018c470bf41324ea
SHA1

19831c42ba73345e2b19499109754dbb0d39aae7
SHA256

6caf398dd07a03dc116fa8562b0daf0973d16309299cb9664d2efbc82bdb3069
SHA512

89d36cbb444ea80de1de638a322993b8328bcdc45b08a6f0d43d26daaab8272400fdafe8547bca47b195625f1ba6c3f311a05314d6ff0965334164b2c107cf10

Score

10^/10

asyncrat rat

Static task

static1

Behavioral task

behavioral1

Sample

invoice-ID9411548.vbs

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

invoice-ID9411548.vbs

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://ia601505.us.archive.org/27/items/1_20201229/1.txt

ps1.dropper

https://ia601402.us.archive.org/14/items/4_20201229/4.txt

Extracted

Family

asyncrat

Version

0.5.7B

C2

saico015.linkpc.net:6666

Mutex

AsyncMutex_6SI8OkPnk

Attributes

aes_key
hjeVCW0FjlKGY6kjdvCdmALQfmqFINh0
anti_detection
false
autorun
false
bdos
false
delay
Default
host
saico015.linkpc.net
hwid
3
install_file
install_folder
%AppData%
mutex
AsyncMutex_6SI8OkPnk
pastebin_config
null
port
6666
version
0.5.7B

aes.plain

Targets

- Target
  
  invoice-ID9411548.vbs
- Size
  
  1KB
- MD5
  
  f9e8a25600c4bc01018c470bf41324ea
- SHA1
  
  19831c42ba73345e2b19499109754dbb0d39aae7
- SHA256
  
  6caf398dd07a03dc116fa8562b0daf0973d16309299cb9664d2efbc82bdb3069
- SHA512
  
  89d36cbb444ea80de1de638a322993b8328bcdc45b08a6f0d43d26daaab8272400fdafe8547bca47b195625f1ba6c3f311a05314d6ff0965334164b2c107cf10
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy