asyncrat | 40c0d2006ca35701294a9450cb8d44b0bf7f0e4363641bb890a84e5d89094183 | Triage

Sharing

General

Target

40c0d2006ca35701294a9450cb8d44b0bf7f0e4363641bb890a84e5d89094183.ps1
Size

345KB
Sample

221124-zvspssch41
MD5

6f015e02b96b417ce0b84d76b6cb8353
SHA1

9596f8545e2c1a30a0b03931b4ff7e5bbb0e8161
SHA256

40c0d2006ca35701294a9450cb8d44b0bf7f0e4363641bb890a84e5d89094183
SHA512

bbe33d286a98597c0fb88dff7b9d29acfd7e3b44c3c2a4d1e41b9ba657b5870e8d344d651d47a00650efa3b3bce9e51980dcd0e521668add57942f208a84ce2b
SSDEEP

6144:J0EVR64eKCEIqQWVUBFJHFe933XjSuSTIoHv+JUB+b8jDQocIH/X:J0EVRpeKCEIqQWVUBFJHFe93ujTIoHvt

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

185.81.157.19:6666

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  40c0d2006ca35701294a9450cb8d44b0bf7f0e4363641bb890a84e5d89094183.ps1
- Size
  
  345KB
- MD5
  
  6f015e02b96b417ce0b84d76b6cb8353
- SHA1
  
  9596f8545e2c1a30a0b03931b4ff7e5bbb0e8161
- SHA256
  
  40c0d2006ca35701294a9450cb8d44b0bf7f0e4363641bb890a84e5d89094183
- SHA512
  
  bbe33d286a98597c0fb88dff7b9d29acfd7e3b44c3c2a4d1e41b9ba657b5870e8d344d651d47a00650efa3b3bce9e51980dcd0e521668add57942f208a84ce2b
- SSDEEP
  
  6144:J0EVR64eKCEIqQWVUBFJHFe933XjSuSTIoHv+JUB+b8jDQocIH/X:J0EVRpeKCEIqQWVUBFJHFe93ujTIoHvt
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

asyncratdefaultrat