asyncrat | 3afff94321f5f55b992d98b50e8af2046d473094a1e1e0611ccddb9bde659fa7 | Triage

Submit
Reports

Overview

overview

Static

static

RFQ_115A08...df.vbs

windows7_x64

RFQ_115A08...df.vbs

windows10_x64

Sharing

General

Target

RFQ_115A087_202104_20_Urgent_pdf.vbs
Size

5KB
Sample

210420-5wstpy5rcs
MD5

b36e32526b42e2fb17c93fb9f839bca2
SHA1

eb243b06b6e10ddc227018cc1b4d98209e93beed
SHA256

3afff94321f5f55b992d98b50e8af2046d473094a1e1e0611ccddb9bde659fa7
SHA512

00aaa35901b7dd8fe8aefb22e4ba40d61550984cfe66d1b893651f65b8b0c4cc76f9f36d713e6ce52241d055fc2b01dce880c9fe0b9e4602599fb9113ac5837c

Score

10^/10

asyncrat rat

Static task

static1

Behavioral task

behavioral1

Sample

RFQ_115A087_202104_20_Urgent_pdf.vbs

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RFQ_115A087_202104_20_Urgent_pdf.vbs

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://pastebin.com/raw/1grXhFpU

Targets

- Target
  
  RFQ_115A087_202104_20_Urgent_pdf.vbs
- Size
  
  5KB
- MD5
  
  b36e32526b42e2fb17c93fb9f839bca2
- SHA1
  
  eb243b06b6e10ddc227018cc1b4d98209e93beed
- SHA256
  
  3afff94321f5f55b992d98b50e8af2046d473094a1e1e0611ccddb9bde659fa7
- SHA512
  
  00aaa35901b7dd8fe8aefb22e4ba40d61550984cfe66d1b893651f65b8b0c4cc76f9f36d713e6ce52241d055fc2b01dce880c9fe0b9e4602599fb9113ac5837c
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Drops startup file
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy