asyncrat | c8f3d97c54386b86778a1d20917353583bcf706ffe0615d962683d55e449bcab | Triage

Submit
Reports

Overview

overview

Static

static

8

Price list.xlsm

windows7_x64

1

Price list.xlsm

windows10_x64

Sharing

General

Target

Price list.xlsm
Size

64KB
Sample

210504-vlyhzrlldj
MD5

dc48640ca8488d4c4e61b807ef19d11c
SHA1

e2cfbc565e62b269a7bfbdf2b3c060e52aaa6614
SHA256

c8f3d97c54386b86778a1d20917353583bcf706ffe0615d962683d55e449bcab
SHA512

06d0b3420f784cad69e11202271b99f47c7c5eeca68de9a5e01da6ebf2c5b25414ec242dd4517eeff43fcd239ec8ded073a9317c1140ae9e3c6b620b6af741b9

Score

10^/10

asyncrat macro rat

Static task

static1

Behavioral task

behavioral1

Sample

Price list.xlsm

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Price list.xlsm

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://cenga.hr/components/search/pri.ps1

Targets

- Target
  
  Price list.xlsm
- Size
  
  64KB
- MD5
  
  dc48640ca8488d4c4e61b807ef19d11c
- SHA1
  
  e2cfbc565e62b269a7bfbdf2b3c060e52aaa6614
- SHA256
  
  c8f3d97c54386b86778a1d20917353583bcf706ffe0615d962683d55e449bcab
- SHA512
  
  06d0b3420f784cad69e11202271b99f47c7c5eeca68de9a5e01da6ebf2c5b25414ec242dd4517eeff43fcd239ec8ded073a9317c1140ae9e3c6b620b6af741b9
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy