asyncrat | d547b959923e2daa0c3699fe7c8f2983510de50f92db57357cb0322a6fcacbfd | Triage

Submit
Reports

Overview

overview

Static

static

Doc#662020...df.exe

windows7_x64

Doc#662020...df.exe

windows10-2004_x64

Sharing

General

Target

d547b959923e2daa0c3699fe7c8f2983510de50f92db57357cb0322a6fcacbfd
Size

202KB
Sample

220521-chfhdaghgk
MD5

0a9e7e6d8530fa31e14c49e8c6ae0ee6
SHA1

926d40cac8921b99f4927eb54e387d78081970e3
SHA256

d547b959923e2daa0c3699fe7c8f2983510de50f92db57357cb0322a6fcacbfd
SHA512

66f51ad28792cbf933d2de0618d31d8b297f2a56526452b6dd76eccf829159913252412071678c61cf77668f845f30efd663caa2e1588e2c59680a5103369bfc

Score

10^/10

asyncrat together rat

Static task

static1

Behavioral task

behavioral1

Sample

Doc#6620200947535257653014.pdf.exe

Resource

win7-20220414-en

asyncrat together rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Doc#6620200947535257653014.pdf.exe

Resource

win10v2004-20220414-en

asyncrat together rat

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

TOGETHER

Mutex

chizzy25@/@!7^UPCAZ

Attributes

delay
3
install
false
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/HKYwiN9V

aes.plain

Targets

- Target
  
  Doc#6620200947535257653014.pdf.exe
- Size
  
  612KB
- MD5
  
  8b18e957f0dad8ca9bc4312ff8e0f37f
- SHA1
  
  1e6871bb4412831e72b63612050317503850a810
- SHA256
  
  28230658c4bfb33b798e88575098f0be6c2c6e8c20e07e920d4ea175e95f3c3a
- SHA512
  
  bce3a0efeca0c252623937d7de5a50486c96c98746fe2cc638efbc51b8ed5cb8166a000efc5a41df9c605ecb039c7894674e2cb87428fffc061758ae339013c7
Score

10^/10

asyncrat together rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

asyncrattogetherrat

behavioral2

asyncrattogetherrat

© 2018-2024

Terms | Privacy