asyncrat | 936f9446a395968cd7a9fb02f695ff68b550f04ecef14db94ab8aa5f33ee7208 | Triage

Submit
Reports

Overview

overview

Static

static

ManLearnin...32.exe

windows7-x64

ManLearnin...32.exe

windows10-2004-x64

Sharing

General

Target

ManLearningCourse-main.zip
Size

31KB
Sample

221207-henmgada76
MD5

8411510e0b467c89cbef0fa6e87b7408
SHA1

2acfabc19fef7a85a4aa835ca1a78a1886cb5b62
SHA256

936f9446a395968cd7a9fb02f695ff68b550f04ecef14db94ab8aa5f33ee7208
SHA512

0608619c9340122c42e48b67acecdeb9d2891411be9e1c5dbfbcdfc9a07bc19df7668972dae86ddcb1e8ab2a4da98e7ed76ab117b661e4c36cf1caa9a9545f71
SSDEEP

768:58dW2W2PD4/0y8/IbkbEXHGk55hFfy9Kysgvh7Ko/5zCnlfr:5iW7MKtrXHGk55hFKBsChpxzmfr

Score

10^/10

asyncrat rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ManLearningCourse-main/windll32.exe

Resource

win7-20221111-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ManLearningCourse-main/windll32.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  ManLearningCourse-main/windll32.exe
- Size
  
  57KB
- MD5
  
  3c7f22b2aec2778946449c555b71abf9
- SHA1
  
  230eb5af23d0fd72331f056e4b6bdb3d43c6671a
- SHA256
  
  51db4d2c54e299ae26b3085633aa79476560f9a2f5cc4328683cdee5fb6591fe
- SHA512
  
  cd1a439ba1b8e11d7203ed5cbe145245017ab8980feb08c3786ebb493b847cfab9934eb4fff3bc99f71594c05092c31fe78a6a86bfa2fa4089ee9ebd5afee85b
- SSDEEP
  
  1536:8uYH9T34l26qvDm3bbXSMZyuB3ibtdXxKDHz/kP0N:8uYdT34l26QDm3bbFl2t1xKXkP0N
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy