General

  • Target

    1720e833db94e2388213e8dbfd8589819ddc8525295c9e2e6df61c2c6446f136

  • Size

    56KB

  • Sample

    220930-zfpdtsegd3

  • MD5

    f64ccbc901901c142778923c42a6e582

  • SHA1

    214ec7d3082028bcf42a2f7e86917c2d40b9611b

  • SHA256

    1720e833db94e2388213e8dbfd8589819ddc8525295c9e2e6df61c2c6446f136

  • SHA512

    6571b0c2590b9f60b86515a03ca05bbcfbce3d5f01243b91e4870d465439823551ac4129c4fb520215347b96a1a9223faa5aaffceaa0a4fdbe50cdd7a62e08d9

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

110.238.105.105:8848

Attributes
delay
1
install
false
install_folder
%AppData%
aes.plain

Targets

    • Target

      1720e833db94e2388213e8dbfd8589819ddc8525295c9e2e6df61c2c6446f136

    • Size

      56KB

    • MD5

      f64ccbc901901c142778923c42a6e582

    • SHA1

      214ec7d3082028bcf42a2f7e86917c2d40b9611b

    • SHA256

      1720e833db94e2388213e8dbfd8589819ddc8525295c9e2e6df61c2c6446f136

    • SHA512

      6571b0c2590b9f60b86515a03ca05bbcfbce3d5f01243b91e4870d465439823551ac4129c4fb520215347b96a1a9223faa5aaffceaa0a4fdbe50cdd7a62e08d9

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Execution

            Exfiltration

              Impact

                Initial Access

                  Lateral Movement

                    Persistence

                      Privilege Escalation