asyncrat | 78b4ba3aaf358440be7212cb23b8ca6c3f4fef477436b52c483185d4b90a8dda | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

78b4ba3aaf358440be7212cb23b8ca6c3f4fef477436b52c483185d4b90a8dda
Size

1.2MB
Sample

211108-xkp5tahhfm
MD5

93f2ef7ece667948d903fd81a9c93dae
SHA1

33a83a4a6d582c20c44719df67815455ec4f789c
SHA256

78b4ba3aaf358440be7212cb23b8ca6c3f4fef477436b52c483185d4b90a8dda
SHA512

793a9521600f50d127556ab7c46929faddc74e23cdbee49ec914a1502f346d7a3513036ee8d9c8d8c31112325217951b5e60df07093e5b6f3d0d3fc7148d2a4a

Score

10^/10

asyncrat agilenet persistence rat

Static task

static1

Behavioral task

behavioral1

Sample

78b4ba3aaf358440be7212cb23b8ca6c3f4fef477436b52c483185d4b90a8dda.exe

Resource

win10-en-20211014

asyncrat agilenet persistence rat

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  78b4ba3aaf358440be7212cb23b8ca6c3f4fef477436b52c483185d4b90a8dda
- Size
  
  1.2MB
- MD5
  
  93f2ef7ece667948d903fd81a9c93dae
- SHA1
  
  33a83a4a6d582c20c44719df67815455ec4f789c
- SHA256
  
  78b4ba3aaf358440be7212cb23b8ca6c3f4fef477436b52c483185d4b90a8dda
- SHA512
  
  793a9521600f50d127556ab7c46929faddc74e23cdbee49ec914a1502f346d7a3513036ee8d9c8d8c31112325217951b5e60df07093e5b6f3d0d3fc7148d2a4a
Score

10^/10

asyncrat agilenet persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratagilenetpersistencerat

© 2018-2024

Terms | Privacy