asyncrat | cd2c63e16f4c1e79e7763c278146acae54dca752c25ad46d47167f69d70d714a | Triage

Sharing

General

Target

cd2c63e16f4c1e79e7763c278146acae54dca752c25ad46d47167f69d70d714a
Size

14.7MB
Sample

221225-jaa19abc23
MD5

533f876556e02dec453f6fa4c2536967
SHA1

a4abdc1e4b26623e2be6c3715c1a75a5a6e2c397
SHA256

cd2c63e16f4c1e79e7763c278146acae54dca752c25ad46d47167f69d70d714a
SHA512

3935d864faa3e7c32e6a4fa2a7ab01a9ae2c103531a73df1a6500ce78321f86623e3e9d7be74535ff0bd09382462915239f263c9466cb8ef6437c48a55fcb47a
SSDEEP

196608:6nMPXMnhoMskO1/6Bstbu5F5bciXk0H+TnrgC8d:6nMQdCJEl5o+Ha8jd

Score

10^/10

asyncrat derenderscuriry rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

DerenderScuriry

C2

20.100.196.69:9281

Mutex

DerenderScuriry

Attributes

delay
3
install
false
install_file
DerenderScuriry
install_folder
%AppData%

aes.plain

Targets

- Target
  
  cd2c63e16f4c1e79e7763c278146acae54dca752c25ad46d47167f69d70d714a
- Size
  
  14.7MB
- MD5
  
  533f876556e02dec453f6fa4c2536967
- SHA1
  
  a4abdc1e4b26623e2be6c3715c1a75a5a6e2c397
- SHA256
  
  cd2c63e16f4c1e79e7763c278146acae54dca752c25ad46d47167f69d70d714a
- SHA512
  
  3935d864faa3e7c32e6a4fa2a7ab01a9ae2c103531a73df1a6500ce78321f86623e3e9d7be74535ff0bd09382462915239f263c9466cb8ef6437c48a55fcb47a
- SSDEEP
  
  196608:6nMPXMnhoMskO1/6Bstbu5F5bciXk0H+TnrgC8d:6nMQdCJEl5o+Ha8jd
Score

10^/10

asyncrat derenderscuriry rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratderenderscuriryrat