asyncrat | a57e3df4a9633d46ac59b6a45a3ad21357acbf5182e841e16a820edf81138bb6 | Triage

Sharing

General

Target

7CA736BA6C5898C997FD82042EB2B4A3.exe
Size

459KB
Sample

210416-pfbf8tmzg2
MD5

7ca736ba6c5898c997fd82042eb2b4a3
SHA1

258a71bd04ff5e3da545d941bb962de998fcb356
SHA256

a57e3df4a9633d46ac59b6a45a3ad21357acbf5182e841e16a820edf81138bb6
SHA512

6bf4d9251573d23de947f4ad3acba0162fdc748e7338eba6346201c09d48c4261105a3459132258fc6a22f3517ee1c3362c1c439d5287a50f4d2a48f23d10c16

Score

10^/10

asyncrat rat

Malware Config

Extracted

Family

asyncrat

C2

:

Mutex

Attributes

aes_key
anti_detection
autorun
bdos
delay
host
hwid
Write
install_file
install_folder
xs4F7VPUmodOruvSvV.DMOM3d1QV9uxb9cuEw
mutex
pastebin_config
port
version

aes.plain

Targets

- Target
  
  7CA736BA6C5898C997FD82042EB2B4A3.exe
- Size
  
  459KB
- MD5
  
  7ca736ba6c5898c997fd82042eb2b4a3
- SHA1
  
  258a71bd04ff5e3da545d941bb962de998fcb356
- SHA256
  
  a57e3df4a9633d46ac59b6a45a3ad21357acbf5182e841e16a820edf81138bb6
- SHA512
  
  6bf4d9251573d23de947f4ad3acba0162fdc748e7338eba6346201c09d48c4261105a3459132258fc6a22f3517ee1c3362c1c439d5287a50f4d2a48f23d10c16
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2