asyncrat | 7a1294dd26b7c726bc22f9771ca66d8ce6191bd6aa91154059965dcdc0f7510d | Triage

Submit
Reports

Overview

overview

Static

static

DOC_202210...16.scr

windows7-x64

DOC_202210...16.scr

windows10-2004-x64

Sharing

General

Target

DOC_20221012_094045716.zip
Size

482KB
Sample

221015-mrqd2sfebk
MD5

8f9e62cd65fb0bbc8807f1906cbbbb71
SHA1

2811a521346d392a2c99e3c5877ab879b822dbf7
SHA256

7a1294dd26b7c726bc22f9771ca66d8ce6191bd6aa91154059965dcdc0f7510d
SHA512

47761b47fa132cdcc6340f4d8d9324c370ed367eccf6a0f47713a74aa99ca6c4b0658c47b2e3ba43075043203629c68d062085ad6372b4f585358e6ad7b232aa
SSDEEP

1536:MhpKvNInlI8JFcwy7qr3WRe1nAmbn8qJxd548LDEw1rdgP0iY6:MXKvalI8HRCReb8E548L5ddg8d6

Score

10^/10

asyncrat oct 11 rat

Static task

static1

Behavioral task

behavioral1

Sample

DOC_20221012_094045716.scr

Resource

win7-20220812-en

asyncrat oct 11 rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

DOC_20221012_094045716.scr

Resource

win10v2004-20220901-en

asyncrat oct 11 rat

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Oct 11

C2

donzola.duckdns.org:2000

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  DOC_20221012_094045716.scr
- Size
  
  406.0MB
- MD5
  
  e95cc5f4f2be88cdd778ddb951e287e4
- SHA1
  
  478fca06aeb68ab97d2e99c1436b4cc3370ec6d9
- SHA256
  
  e5b25e4f90530ff9fad1f617d8347f497a8bdba07e707f522564132a5bfab0b5
- SHA512
  
  23f420f9e904ab6b2d8954ef2232cd8b84560c8f856bc83e74d8eb17228def2dc6be09db8aa7f8a67d5914be2e2e228cd483d818602a79397f96c709c5e5c49a
- SSDEEP
  
  3072:M+rR+Y6VgvQdJK0vtNZg/V7S+O+dvvAun:M+BFI3vtNZNH+dv
Score

10^/10

asyncrat oct 11 rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratoct 11rat

behavioral2

asyncratoct 11rat

© 2018-2024

Terms | Privacy