asyncrat | 2d133a568566a3664e72f4cab1dede8b2b706d414adbc40222f25f8b056b45ab | Triage

Submit
Reports

Overview

overview

Static

static

LZCEY349215.vbs

windows7_x64

LZCEY349215.vbs

windows10_x64

Sharing

General

Target

LZCEY349215.VBS
Size

70KB
Sample

220129-e6d1kachgm
MD5

d5726ba5b7f7264d20dc4fbab0c3d61b
SHA1

3ca15e074176a44f4e03240add018b4b9f301b53
SHA256

2d133a568566a3664e72f4cab1dede8b2b706d414adbc40222f25f8b056b45ab
SHA512

3f1a5a67976c2ae653751fa32d79426475335a152142a354a82178cd6cd4d83ba46a4d2cee59c403dd6e1fea75bc43e0189dad4df00549fe3d78d39d6d14a79e

Score

10^/10

asyncrat rat

Static task

static1

Behavioral task

behavioral1

Sample

LZCEY349215.vbs

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

LZCEY349215.vbs

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://v3-fastupload.s3-accelerate.amazonaws.com/1643406871-d.mp3

Targets

- Target
  
  LZCEY349215.VBS
- Size
  
  70KB
- MD5
  
  d5726ba5b7f7264d20dc4fbab0c3d61b
- SHA1
  
  3ca15e074176a44f4e03240add018b4b9f301b53
- SHA256
  
  2d133a568566a3664e72f4cab1dede8b2b706d414adbc40222f25f8b056b45ab
- SHA512
  
  3f1a5a67976c2ae653751fa32d79426475335a152142a354a82178cd6cd4d83ba46a4d2cee59c403dd6e1fea75bc43e0189dad4df00549fe3d78d39d6d14a79e
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy