asyncrat | a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34 | Triage

Sharing

General

Target

payload.bat
Size

48KB
Sample

230131-vwe3wahc28
MD5

83875df1ddf8a47531e763f5bc140691
SHA1

8d1bc0c5bceedd229b8faaf6542779726188b145
SHA256

a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34
SHA512

e19c020f4fe1922a4adef3dd50851514a99852b7eefa9b74e6e954f941349a60589e171a618423d0029e8d3e8568536026a1012586a74daa4d19a1ebabb701a7
SSDEEP

768:xZZOUUP++sgCpDgSE2WPENq+qrD/PESqitk3Spn1eqy1nUNamt:m+qCNgNgqdj1qitvl

Score

10^/10

asyncrat rat spyware stealer

Malware Config

Targets

- Target
  
  payload.bat
- Size
  
  48KB
- MD5
  
  83875df1ddf8a47531e763f5bc140691
- SHA1
  
  8d1bc0c5bceedd229b8faaf6542779726188b145
- SHA256
  
  a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34
- SHA512
  
  e19c020f4fe1922a4adef3dd50851514a99852b7eefa9b74e6e954f941349a60589e171a618423d0029e8d3e8568536026a1012586a74daa4d19a1ebabb701a7
- SSDEEP
  
  768:xZZOUUP++sgCpDgSE2WPENq+qrD/PESqitk3Spn1eqy1nUNamt:m+qCNgNgqdj1qitvl
Score

10^/10

asyncrat rat spyware stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Hidden Files and Directories

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Hidden Files and Directories

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratratspywarestealer