asyncrat | 22cab462a857158b170376f73d28154d7337f9379e84695875be62e178c5597c | Triage

Submit
Reports

Overview

overview

Static

static

22cab462a8...7c.exe

windows7-x64

22cab462a8...7c.exe

windows10-2004-x64

Sharing

General

Target

22cab462a857158b170376f73d28154d7337f9379e84695875be62e178c5597c
Size

987KB
Sample

221130-prnassah34
MD5

2bad27a37d32b4235aac6fcdf74b4306
SHA1

8b2b15c01b1e54be6396af46ab3b59fee67f5148
SHA256

22cab462a857158b170376f73d28154d7337f9379e84695875be62e178c5597c
SHA512

eb6ffa7c229d6e687ed65f69a77d1a94166410d5e77be812c956a58396dbdf7b1b5817e7eee0ae67c62776cd6c1c83be11e44f577a1b780027ee3bfdc7cbc0b0
SSDEEP

12288:ruDnl6cMv0obsCnG1eQmXViI2gDnUyfSAgyZx:rklk1NQmX4SUPsX

Score

10^/10

asyncrat default rat

Static task

static1

Behavioral task

behavioral1

Sample

22cab462a857158b170376f73d28154d7337f9379e84695875be62e178c5597c.exe

Resource

win7-20220812-en

asyncrat default rat

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

22cab462a857158b170376f73d28154d7337f9379e84695875be62e178c5597c.exe

Resource

win10v2004-20221111-en

asyncrat default rat

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

168.62.160.75:1604

168.62.160.75:222

tehliike.duckdns.org:1604

tehliike.duckdns.org:222

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_file
setup.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  22cab462a857158b170376f73d28154d7337f9379e84695875be62e178c5597c
- Size
  
  987KB
- MD5
  
  2bad27a37d32b4235aac6fcdf74b4306
- SHA1
  
  8b2b15c01b1e54be6396af46ab3b59fee67f5148
- SHA256
  
  22cab462a857158b170376f73d28154d7337f9379e84695875be62e178c5597c
- SHA512
  
  eb6ffa7c229d6e687ed65f69a77d1a94166410d5e77be812c956a58396dbdf7b1b5817e7eee0ae67c62776cd6c1c83be11e44f577a1b780027ee3bfdc7cbc0b0
- SSDEEP
  
  12288:ruDnl6cMv0obsCnG1eQmXViI2gDnUyfSAgyZx:rklk1NQmX4SUPsX
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat

© 2018-2024

Terms | Privacy