15a5548e976f9a8ffad4c6eb397cf52d

General
Target: 15a5548e976f9a8ffad4c6eb397cf52d
Size: 253KB
Sample: 211021-yq271aaff8
Score: 10/10
MD5: 15a5548e976f9a8ffad4c6eb397cf52d
SHA1: a2b8e4e54cdc9b4f4565674cce538734288f82e5
SHA256: 0ca4b3b694d6b317ab8df7c8f63198c7d696b9c238af5b9d83074670f4ed384b
SHA512: 0f62e13137cae54313fe7acfafa8ac3166ddd58589102847e5df3e55830992a355c5cda4a5c891580f6e513242fc89b4458e19d58262fb3fbac3d0f92fbdd9b0

Malware Config

Extracted

Family: asyncrat
Version: 0.5.7B
Botnet: Default
C2: dgrthdg.duckdns.org:1884

Attributes
anti_vm: false
bsod: false
delay: 3
install: false
install_file: chrome.exe
install_folder: %AppData%
pastebin_config: null
aes.plain
Targets
Target: 15a5548e976f9a8ffad4c6eb397cf52d

Signatures

  • AsyncRat

    Description

    AsyncRAT is designed to remotely monitor and control other computers.

  • Async RAT payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10