asyncrat | 11972f7634307a1756dbe8033b2dc51932e7ac47d17748bfacc604b54a732346 | Triage

Sharing

General

Target

B8604C6F07270DC6EB0925C3FEADEB4F.exe
Size

3.4MB
Sample

210725-3wkxdtghsa
MD5

b8604c6f07270dc6eb0925c3feadeb4f
SHA1

c50588308cbb54b8f759b23037b3089e370089c5
SHA256

11972f7634307a1756dbe8033b2dc51932e7ac47d17748bfacc604b54a732346
SHA512

c8eea1975a9eab4d49187217a6f9d0e72f75f3b9c06319bf8c25ef2dda70fc88a7e86fec6a431495ceab6c1883286492c289c8a0b11974769660d1cddde58f6b

Score

10^/10

asyncrat rat suricata

Malware Config

Extracted

Family

asyncrat

Version

0.5.6D

C2

milla.publicvm.com:6606

milla.publicvm.com:7707

milla.publicvm.com:8808

Mutex

hzizmtfuyizxxugkf

Attributes

aes_key
8O0108t0cNZA65PD4CGxRxmuF31uXw1E
anti_detection
false
autorun
true
bdos
false
delay
Default
host
milla.publicvm.com
hwid
10
install_file
install_folder
%AppData%
mutex
hzizmtfuyizxxugkf
pastebin_config
null
port
6606,7707,8808
version
0.5.6D

aes.plain

Targets

- Target
  
  B8604C6F07270DC6EB0925C3FEADEB4F.exe
- Size
  
  3.4MB
- MD5
  
  b8604c6f07270dc6eb0925c3feadeb4f
- SHA1
  
  c50588308cbb54b8f759b23037b3089e370089c5
- SHA256
  
  11972f7634307a1756dbe8033b2dc51932e7ac47d17748bfacc604b54a732346
- SHA512
  
  c8eea1975a9eab4d49187217a6f9d0e72f75f3b9c06319bf8c25ef2dda70fc88a7e86fec6a431495ceab6c1883286492c289c8a0b11974769660d1cddde58f6b
Score

10^/10

asyncrat rat suricata
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
  suricata
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratratsuricata

behavioral2

asyncratratsuricata