asyncrat

General

Target

Unlimited.ps1
Size

241KB
Sample

220701-fkdy4sefe9
MD5

e9dd6ae79fddbcabe2aa76e8fddd0244
SHA1

7ba6c74d36634c6b673ecd05d69a22038e171c6f
SHA256

5227ed40f5ee2c8d976365582e7550bf43e1cedaca4ffdbf3f6993d78826ac47
SHA512

bbffbc363bbd1b97a21b8651f39998de6e7c9c8212e0a8c8ef4e9990b1af18a9b78e835bc2b41f87c5993e82e407d44f09009a6f6cb634d8dec06c9fa0b46244

Score

10^/10

asyncrat $$$$rat

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

$$$$

C2

cdtpitbull.hopto.org:7707

cdtpitbull.hopto.org:4404

cdtpitbull.hopto.org:5505

cdtpitbull.hopto.org:3303

cdtpitbull.hopto.org:2222

chromedata.accesscam.org:7707

chromedata.accesscam.org:4404

chromedata.accesscam.org:5505

chromedata.accesscam.org:3303

chromedata.accesscam.org:2222

datacontrol.ddns.net:7707

datacontrol.ddns.net:4404

datacontrol.ddns.net:5505

datacontrol.ddns.net:3303

datacontrol.ddns.net:2222

cdt2023.ddns.net:7707

cdt2023.ddns.net:4404

cdt2023.ddns.net:5505

cdt2023.ddns.net:3303

cdt2023.ddns.net:2222

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_file
DesbravadorUpdata.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Unlimited.ps1
- Size
  
  241KB
- MD5
  
  e9dd6ae79fddbcabe2aa76e8fddd0244
- SHA1
  
  7ba6c74d36634c6b673ecd05d69a22038e171c6f
- SHA256
  
  5227ed40f5ee2c8d976365582e7550bf43e1cedaca4ffdbf3f6993d78826ac47
- SHA512
  
  bbffbc363bbd1b97a21b8651f39998de6e7c9c8212e0a8c8ef4e9990b1af18a9b78e835bc2b41f87c5993e82e407d44f09009a6f6cb634d8dec06c9fa0b46244
Score

10^/10

asyncrat $$$$rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Async RAT payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2