asyncrat

General

Target

KKAAYY.bat
Size

48KB
Sample

230201-wrcydsda3t
MD5

83875df1ddf8a47531e763f5bc140691
SHA1

8d1bc0c5bceedd229b8faaf6542779726188b145
SHA256

a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34
SHA512

e19c020f4fe1922a4adef3dd50851514a99852b7eefa9b74e6e954f941349a60589e171a618423d0029e8d3e8568536026a1012586a74daa4d19a1ebabb701a7
SSDEEP

768:xZZOUUP++sgCpDgSE2WPENq+qrD/PESqitk3Spn1eqy1nUNamt:m+qCNgNgqdj1qitvl

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

churchmon.ddns.net:6606

churchmon.ddns.net:7707

churchmon.ddns.net:8808

churchmon21.ddns.net:6606

churchmon21.ddns.net:7707

churchmon21.ddns.net:8808

churchmon22.ddns.net:6606

churchmon22.ddns.net:7707

churchmon22.ddns.net:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  KKAAYY.bat
- Size
  
  48KB
- MD5
  
  83875df1ddf8a47531e763f5bc140691
- SHA1
  
  8d1bc0c5bceedd229b8faaf6542779726188b145
- SHA256
  
  a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34
- SHA512
  
  e19c020f4fe1922a4adef3dd50851514a99852b7eefa9b74e6e954f941349a60589e171a618423d0029e8d3e8568536026a1012586a74daa4d19a1ebabb701a7
- SSDEEP
  
  768:xZZOUUP++sgCpDgSE2WPENq+qrD/PESqitk3Spn1eqy1nUNamt:m+qCNgNgqdj1qitvl
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Async RAT payload

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2