asyncrat

General

Target

F605416A4ABCE35B85CE6D88B370E7BEC3C012772A0EB.exe
Size

70KB
Sample

220929-zcgjtabhg3
MD5

198a692570d1a3197a7b82d5010ff135
SHA1

757965d8c9f119e87a224f0a8a55fc7cd9225f71
SHA256

f605416a4abce35b85ce6d88b370e7bec3c012772a0eb35c70e4f5aa0cdc9b3d
SHA512

3572fac7eae731cc7499cd9baac1e98b092dd96237352807a659a3890f1a91338ee10a7d25668e98891c3e06d3b3c3354aba63a775100be5007c4584ea57c948
SSDEEP

1536:Okc5mbE6TWogwg5wy74WcMX662ho4zdSmhFNhHMUC:Okc5mbEYWog35T4SXEhzcA3hH7C

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7A

Botnet

Default

C2

163.172.225.185:6606

163.172.225.185:7707

163.172.225.185:8808

163.172.225.185:551

163.172.225.185:677

163.172.225.185:441

163.172.225.185:661

163.172.225.185:412

Mutex

iurufubmszrrcclmx

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  F605416A4ABCE35B85CE6D88B370E7BEC3C012772A0EB.exe
- Size
  
  70KB
- MD5
  
  198a692570d1a3197a7b82d5010ff135
- SHA1
  
  757965d8c9f119e87a224f0a8a55fc7cd9225f71
- SHA256
  
  f605416a4abce35b85ce6d88b370e7bec3c012772a0eb35c70e4f5aa0cdc9b3d
- SHA512
  
  3572fac7eae731cc7499cd9baac1e98b092dd96237352807a659a3890f1a91338ee10a7d25668e98891c3e06d3b3c3354aba63a775100be5007c4584ea57c948
- SSDEEP
  
  1536:Okc5mbE6TWogwg5wy74WcMX662ho4zdSmhFNhHMUC:Okc5mbEYWog35T4SXEhzcA3hH7C
Score

10^/10

asyncrat default persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Async RAT payload

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2