asyncrat | 666b7cd211ead3bc4fc8ff1e480a73ab9cb8ecf678e31991f5d6269b00282087 | Triage

Sharing

General

Target

tmp
Size

836KB
Sample

220704-vhtdcacdb9
MD5

3578aaa113d7683b85fc0768f816dafb
SHA1

1e362280a1d800d7ea999370aac20c883eefb517
SHA256

666b7cd211ead3bc4fc8ff1e480a73ab9cb8ecf678e31991f5d6269b00282087
SHA512

bb33fa86a42f823d58d844b249893f9a0e7e139d41368f110d4dcc882341f91c5b9921b56352a9f516c13e3fe3799fb067677229cec6f368ae9e684299d18630

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

ANC8.0

Botnet

Default

C2

frp1.freefrp.net:37898

Mutex

MUTEX

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  tmp
- Size
  
  836KB
- MD5
  
  3578aaa113d7683b85fc0768f816dafb
- SHA1
  
  1e362280a1d800d7ea999370aac20c883eefb517
- SHA256
  
  666b7cd211ead3bc4fc8ff1e480a73ab9cb8ecf678e31991f5d6269b00282087
- SHA512
  
  bb33fa86a42f823d58d844b249893f9a0e7e139d41368f110d4dcc882341f91c5b9921b56352a9f516c13e3fe3799fb067677229cec6f368ae9e684299d18630
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratdefaultrat

behavioral2