Description
AsyncRAT is designed to remotely monitor and control other computers.
3c39836dedf6779a0207819c72238fa5
General
Target
Size
Sample
3c39836dedf6779a0207819c72238fa5
671KB
220222-kw6wgsgafq
Score
10 /10
MD5
SHA1
SHA256
SHA512
3c39836dedf6779a0207819c72238fa5
07433edf63057fff1e96ddbf5249aa2c50f69dbd
34694c57b7447b59d6bc6a2dba635fa320a4d4b1e550a36840fe1f2208b76d87
f8a6810abf551f01aae3a8d7c2e6a3421aac3f0312301a5e12a28bfe9490ae064f5c8dd846113cf755a3d9b8f22b80f92b27ec6e4590b04a1629662f472a7086
Malware Config
Extracted
| Family | asyncrat |
| Version | 0.5.7B |
| Botnet | 1 |
| C2 |
212.193.30.54:8755 |
| Attributes |
anti_vm false
bsod false
delay 3
install false
install_folder %AppData%
pastebin_config null |
| aes.plain |
|
Targets
Target
MD5
Filesize
3c39836dedf6779a0207819c72238fa5
3c39836dedf6779a0207819c72238fa5
671KB
Score
10/10
SHA1
SHA256
SHA512
07433edf63057fff1e96ddbf5249aa2c50f69dbd
34694c57b7447b59d6bc6a2dba635fa320a4d4b1e550a36840fe1f2208b76d87
f8a6810abf551f01aae3a8d7c2e6a3421aac3f0312301a5e12a28bfe9490ae064f5c8dd846113cf755a3d9b8f22b80f92b27ec6e4590b04a1629662f472a7086
Tags
Signatures
-
AsyncRat
-
Async RAT payload
Tags
-
Reads user/profile data of web browsers
Description
Infostealers often target stored browser data, which can include saved credentials etc.
Tags
TTPs
-
Adds Run key to start application
Tags
TTPs
-
Suspicious use of SetThreadContext
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks