asyncrat | 385190d8956436f6aa9f405cdba47f8e773b6edbabd082e182a87e8ee31a7189 | Triage

Sharing

General

Target

OTP_BOT2022.rar
Size

59KB
Sample

230205-t99nzaab59
MD5

00769265343287bd629ae51fdacd96e6
SHA1

df8db640cd1041c577e2bbfcab602032a0fb9c2c
SHA256

385190d8956436f6aa9f405cdba47f8e773b6edbabd082e182a87e8ee31a7189
SHA512

3343d0e4d3ea997ee6eee74c3bb7cde6dde1825e42be17dfca3e1a285f74d2f690af2faffc6e3e87382c37d0ed31c2e52fdc6ba1a4cd6d3ca7fe404d91391ad7
SSDEEP

1536:ZioqWjtXRHqpUYsGsKSmLfuRzukZxqAXpdPN8Q4ZcGMJi9R:ZioBtRHqpxsGMmuRazA7PN8RczJA

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

127.0.0.1:6666

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  OTP_BOT2022/OTP_BOTv22.exe
- Size
  
  259KB
- MD5
  
  fa19070c61d193fbb49938c6b9116d08
- SHA1
  
  a7ca45c54edc96afa05954c6a31db093ce17f244
- SHA256
  
  283a885196ca1fab367fdbcbee9cec2d1cc0f5e0d8be02e86dac47fb0dd4702d
- SHA512
  
  c2a5cbb0cba0da77ca1db0725a36619e990ef792dcbf88e0ccd9a0650de0247cefb3d67b51565bacee2255bf3ea15517d825a330e24dad8a97718e780fa98874
- SSDEEP
  
  6144:tdzbpmVzABPq4JHHViNWxcY1eW2mW0cs:tdHr
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat