asyncrat | 4f00838cab77f7c56b646623621de0fdc33fbc75c1d2c4539435429ca0cc94db | Triage

Sharing

General

Target

aida64extrem e630.exe
Size

187KB
Sample

210113-mkpd52r5m6
MD5

b2e6c73f17d8888a8b0341ed37a07ccf
SHA1

f7926eebc3949e6ff2d00ded6048cefc5eba7f52
SHA256

4f00838cab77f7c56b646623621de0fdc33fbc75c1d2c4539435429ca0cc94db
SHA512

367a544067da3c0941e285bb7c46ab75e9cb7518b53fe78cd2be5501fec0f5dd68645b2136a57e32cb003813084f0d4a43654a9db1775289271fdd284e5ed4d3

Score

10^/10

asyncrat rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

170293.ddns.net:1231

Mutex

AsyncMutex_6SI8OkPnk

Attributes

aes_key
dWppLoj1BP1Yv8TfZlxnO5WEvC22ipao
anti_detection
false
autorun
true
bdos
false
delay
Default
host
170293.ddns.net
hwid
3
install_file
install_folder
%AppData%
mutex
AsyncMutex_6SI8OkPnk
pastebin_config
null
port
1231
version
0.5.7B

aes.plain

Targets

- Target
  
  aida64extrem e630.exe
- Size
  
  187KB
- MD5
  
  b2e6c73f17d8888a8b0341ed37a07ccf
- SHA1
  
  f7926eebc3949e6ff2d00ded6048cefc5eba7f52
- SHA256
  
  4f00838cab77f7c56b646623621de0fdc33fbc75c1d2c4539435429ca0cc94db
- SHA512
  
  367a544067da3c0941e285bb7c46ab75e9cb7518b53fe78cd2be5501fec0f5dd68645b2136a57e32cb003813084f0d4a43654a9db1775289271fdd284e5ed4d3
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2