Overview

overview

10

Static

static

79a7614b6d...87.vbs

windows7_x64

10

79a7614b6d...87.vbs

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79a7614b6d8ce75486f3b2a9b6c040b4a81ddb388190beb48fa01f5d6d229887

  • Size

    301KB

  • Sample

    220708-zcbzbsfhdj

  • MD5

    c30ac201e015a9c7d486540e635bbc2f

  • SHA1

    de6a7085adab35a08726a23b0aad3822f1e60cd6

  • SHA256

    79a7614b6d8ce75486f3b2a9b6c040b4a81ddb388190beb48fa01f5d6d229887

  • SHA512

    7d5fa7fc51a495fb6f99cc143516116c8e325183e5c0db66db75fb83fa7c6e3e8210b68231129ec05f235c3df20706f0ee5fe25875cfa8c2f8de9d7a431afe2f

Score
10/10
asyncratrat

Malware Config

Targets

    • Target

      79a7614b6d8ce75486f3b2a9b6c040b4a81ddb388190beb48fa01f5d6d229887

    • Size

      301KB

    • MD5

      c30ac201e015a9c7d486540e635bbc2f

    • SHA1

      de6a7085adab35a08726a23b0aad3822f1e60cd6

    • SHA256

      79a7614b6d8ce75486f3b2a9b6c040b4a81ddb388190beb48fa01f5d6d229887

    • SHA512

      7d5fa7fc51a495fb6f99cc143516116c8e325183e5c0db66db75fb83fa7c6e3e8210b68231129ec05f235c3df20706f0ee5fe25875cfa8c2f8de9d7a431afe2f

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks