asyncrat | b297a3e0403dc3b27fcd955c9a00efb0b757da79bc3de9bba4e14a89d30a330c | Triage

Submit
Reports

Overview

overview

Static

static

AnyDesk.exe

windows7-x64

AnyDesk.exe

windows10-2004-x64

Sharing

General

Target

AnyDesk.zip
Size

29.0MB
Sample

230119-r63edagc68
MD5

61dbd4685507f3aebba801f9c61b3318
SHA1

85cec170166380c917ee3c2c2a1db199f7c71e1f
SHA256

b297a3e0403dc3b27fcd955c9a00efb0b757da79bc3de9bba4e14a89d30a330c
SHA512

df61a25625a0a2da70dc210d7d4e96f49447f2e6aa75fac0035a873b49d84bff5931c61c93584655ab0565eefc3028cc6991ce7d8aceafeddc69eb357c701f97
SSDEEP

786432:muEmez65xit1mq6wjGc5TCk2H3s5v5BM6dGCDpUThwYot5tD+du:m3CxkXGc5T2XA5S3spUTpuz+8

Score

10^/10

asyncrat lucastealer xmrig evasion miner persistence rat trojan

Static task

static1

rat miner asyncrat xmrig lucastealer

5 signatures

Behavioral task

behavioral1

Sample

AnyDesk.exe

Resource

win7-20220812-en

evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

AnyDesk.exe

Resource

win10v2004-20221111-en

evasion persistence trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  AnyDesk.exe
- Size
  
  1024.0MB
- MD5
  
  eaad183f45933c9a0555faa8fc11ad18
- SHA1
  
  18f60cb6fc480c630ebb7840a0ce221204c1a35d
- SHA256
  
  001089c78854b89c19d1636239e822160f1e84d3ffd1f60d59907e075c71c7a0
- SHA512
  
  4b8c93e501a1be9d1b819089d6e7fb5b29c9b355acb2b9018b19cf5e675b5d3c3630ac861a4a2ad576984cce48d5e5c651d431b18d60decce6837fa6fa720791
- SSDEEP
  
  393216:yqvNmrbQZmAPE6a2/vVyBTVKc7c85j4euNCb/9rEaQWwdKmleIw6v0vo:X8A8l2/oWcI8j4euC/dEaPwdKmAIxvM
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratminerasyncratxmriglucastealer

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan

© 2018-2024

Terms | Privacy