asyncrat | b1453958381015591f0f5bb284f3614321ca5ee9a82acb4d203f10e66d05f779 | Triage

Submit
Reports

Overview

overview

Static

static

win10-standard

windows10-2004-x64

Sharing

General

Target

6cc1c3d9c663900c34c5a4ea21b014877e6fa5e3
Size

300B
Sample

221207-abnt3aag6s
MD5

902d1f5d399e00825d5fc337d8a6e7a6
SHA1

6cc1c3d9c663900c34c5a4ea21b014877e6fa5e3
SHA256

b1453958381015591f0f5bb284f3614321ca5ee9a82acb4d203f10e66d05f779
SHA512

ba1ca3f962033934f01259ffcfce3317a05addaa599d9c5ee587377706bd76bbc3455cf82cd6eec31b2350e5ac1d29a41ea4ba05fde7ecf793e9e1ff0b5a9288

Score

10^/10

asyncrat default rat

Static task

static1

Behavioral task

behavioral1

Sample

6cc1c3d9c663900c34c5a4ea21b014877e6fa5e3.vbs

Resource

win10v2004-20221111-en

asyncrat default rat

windows10-2004-x64

11 signatures

200 seconds

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

rider.giize.com:6606

rider.giize.com:7707

rider.giize.com:8808

Mutex

AsyncMutex_rf

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  6cc1c3d9c663900c34c5a4ea21b014877e6fa5e3
- Size
  
  300B
- MD5
  
  902d1f5d399e00825d5fc337d8a6e7a6
- SHA1
  
  6cc1c3d9c663900c34c5a4ea21b014877e6fa5e3
- SHA256
  
  b1453958381015591f0f5bb284f3614321ca5ee9a82acb4d203f10e66d05f779
- SHA512
  
  ba1ca3f962033934f01259ffcfce3317a05addaa599d9c5ee587377706bd76bbc3455cf82cd6eec31b2350e5ac1d29a41ea4ba05fde7ecf793e9e1ff0b5a9288
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratdefaultrat

© 2018-2024

Terms | Privacy