asyncrat | f6a02b872f66c473c65b11f6d6e590693753ad3dfbc441a6826bfba59a68ec76 | Triage

Submit
Reports

Overview

overview

Static

static

Faktura Si...DF.scr

windows7_x64

Faktura Si...DF.scr

windows10_x64

8

Sharing

General

Target

Faktura Sizeer.PDF.zip
Size

316KB
Sample

220114-krg2kafdhp
MD5

7ca9fd143ef4fdd49da9bef40b4c4a7a
SHA1

7cc5243b5a85c9a8b8b8e71eca0a260d41ca1448
SHA256

f6a02b872f66c473c65b11f6d6e590693753ad3dfbc441a6826bfba59a68ec76
SHA512

3489c86a58a22451266fb11919d271e7c95f8ee597f6ca5bba3d2315f7c9d27ccf6039255988c592ca65744fdf709f609c6fb88c3d89e2b5e76ac8213a0780c0

Score

10^/10

asyncrat default rat suricata

Static task

static1

Behavioral task

behavioral1

Sample

Faktura Sizeer/Faktura Sizeer PDF.scr

Resource

win7-en-20211208

asyncrat default rat suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Faktura Sizeer/Faktura Sizeer PDF.scr

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

ssonn.v6.rocks:7707

sson.dnsup.net:7707

Mutex

PLPL

Attributes

anti_vm
false
bsod
false
delay
3
install
false
install_folder
%AppData%
pastebin_config
null

aes.plain

Targets

- Target
  
  Faktura Sizeer/Faktura Sizeer PDF.scr
- Size
  
  439KB
- MD5
  
  cbd21bd0144b7f30b391ab92dcc7ef66
- SHA1
  
  a07dbdd56d33c93196cf1af8abded3f7eebd7509
- SHA256
  
  0419d8d710c448dfba5fdb36f01cde6e702cf062a55e20a3ccac0dd54f71cbb3
- SHA512
  
  010963c5c7a25f076ceec49d40e7831318c1c6be76c2d7a5df8ac2694b88da8e8fed39bee17c5a1c439671d0dc1ad89fe901161b43c78376e3f4f36a8657419e
Score

10^/10

asyncrat default rat suricata
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
  suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)
  suricata
- Async RAT payload
  rat
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratdefaultratsuricata

behavioral2

© 2018-2024

Terms | Privacy