asyncrat | c96718e4f79dbc5e868f55720c77af071011de9b7dbd239243cc8a8604235822 | Triage

Submit
Reports

Overview

overview

Static

static

a2488b9d02...47.exe

windows7-x64

a2488b9d02...47.exe

windows10-2004-x64

Sharing

General

Target

a2488b9d02c16c8f4227e7657d066c47.exe
Size

76KB
Sample

221004-ktv17sadb4
MD5

a2488b9d02c16c8f4227e7657d066c47
SHA1

de1a49fc402e04109f1549846c542cb0aa483371
SHA256

c96718e4f79dbc5e868f55720c77af071011de9b7dbd239243cc8a8604235822
SHA512

2771ae5cc4b024750c76528cf5a678af44d56950663a859a36aaa5d0bedacd39a65a7a1e10197511a5b0ae7cd803ddfc0f8d18956b418b2a6eb4f20a0829713c
SSDEEP

1536:/wwwmEsKq68kCKQtkGtJaYDxG+wlDOFjZNIduA/F4Ro9:/wwwmEsKq68kCKQtkG/aoE+ODgjZN0uc

Score

10^/10

asyncrat drax rat

Static task

static1

Behavioral task

behavioral1

Sample

a2488b9d02c16c8f4227e7657d066c47.exe

Resource

win7-20220812-en

asyncrat drax rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a2488b9d02c16c8f4227e7657d066c47.exe

Resource

win10v2004-20220812-en

asyncrat drax rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

drax

C2

azazws6606.linkpc.net:6606

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  a2488b9d02c16c8f4227e7657d066c47.exe
- Size
  
  76KB
- MD5
  
  a2488b9d02c16c8f4227e7657d066c47
- SHA1
  
  de1a49fc402e04109f1549846c542cb0aa483371
- SHA256
  
  c96718e4f79dbc5e868f55720c77af071011de9b7dbd239243cc8a8604235822
- SHA512
  
  2771ae5cc4b024750c76528cf5a678af44d56950663a859a36aaa5d0bedacd39a65a7a1e10197511a5b0ae7cd803ddfc0f8d18956b418b2a6eb4f20a0829713c
- SSDEEP
  
  1536:/wwwmEsKq68kCKQtkGtJaYDxG+wlDOFjZNIduA/F4Ro9:/wwwmEsKq68kCKQtkG/aoE+ODgjZN0uc
Score

10^/10

asyncrat drax rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratdraxrat

behavioral2

asyncratdraxrat

© 2018-2024

Terms | Privacy