asyncrat | ab8633debd051d65dde309e985c402d59ec5615a030c17714389c6f3e9ab3899 | Triage

Submit
Reports

Overview

overview

Static

static

ab8633debd...99.exe

windows7_x64

ab8633debd...99.exe

windows10-2004_x64

Sharing

General

Target

ab8633debd051d65dde309e985c402d59ec5615a030c17714389c6f3e9ab3899
Size

535KB
Sample

220521-xkc59afbgm
MD5

a08f53208b0832720dc057d5b2d17e97
SHA1

fe2ef8a2d445b410fa67a681285a3eab290ad295
SHA256

ab8633debd051d65dde309e985c402d59ec5615a030c17714389c6f3e9ab3899
SHA512

b349117988ebb5f4f6963697cb00c1a02f18f5b5d288ba84d8429e7cb63ca145ee157d0b6c40728da2dda59611c240884c76e01252aff368fca30ceb5455f6c2

Score

10^/10

asyncrat slaves monday rat

Static task

static1

Behavioral task

behavioral1

Sample

ab8633debd051d65dde309e985c402d59ec5615a030c17714389c6f3e9ab3899.exe

Resource

win7-20220414-en

asyncrat slaves monday rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ab8633debd051d65dde309e985c402d59ec5615a030c17714389c6f3e9ab3899.exe

Resource

win10v2004-20220414-en

asyncrat slaves monday rat

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

SLAVES MONDAY

C2

194.5.98.81:3434

Mutex

AsyncMutex_6363f86fs6fw6f

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  ab8633debd051d65dde309e985c402d59ec5615a030c17714389c6f3e9ab3899
- Size
  
  535KB
- MD5
  
  a08f53208b0832720dc057d5b2d17e97
- SHA1
  
  fe2ef8a2d445b410fa67a681285a3eab290ad295
- SHA256
  
  ab8633debd051d65dde309e985c402d59ec5615a030c17714389c6f3e9ab3899
- SHA512
  
  b349117988ebb5f4f6963697cb00c1a02f18f5b5d288ba84d8429e7cb63ca145ee157d0b6c40728da2dda59611c240884c76e01252aff368fca30ceb5455f6c2
Score

10^/10

asyncrat slaves monday rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratslaves mondayrat

behavioral2

asyncratslaves mondayrat

© 2018-2024

Terms | Privacy