asyncrat | edc44a84ce28569564d054b7cd9326d9b839ecd84bd3a3f2f71d1507a67c7c12 | Triage

Sharing

General

Target

tmp
Size

1.6MB
Sample

230321-x4mtssef7x
MD5

bb638f1ff8cb13e6d3f103ce356ca334
SHA1

71c1952158eb43d9b21cf018ef65a99b01682a74
SHA256

edc44a84ce28569564d054b7cd9326d9b839ecd84bd3a3f2f71d1507a67c7c12
SHA512

7b938ac125e656a92946cb5bdf12828e4405e3b49a893532cefa2e6899d75afe8ccc68c57d977d24a0083b130c8ff0d6102754918e599b74e960d0b0330fae3b
SSDEEP

49152:SIiHsAJScXAJvVqnAgGTveta7OPggaV/KjiVOSYu9dQvqh:FnAJScqqnAgGTga7O/aV/KjiLh3Qvqh

Score

10^/10

asyncrat rat

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
45.151.135.235
Port:
21
Username:
123
Password:
123

Extracted

Family

asyncrat

C2

112.213.110.66:8848

Mutex

tiandao

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  tmp
- Size
  
  1.6MB
- MD5
  
  bb638f1ff8cb13e6d3f103ce356ca334
- SHA1
  
  71c1952158eb43d9b21cf018ef65a99b01682a74
- SHA256
  
  edc44a84ce28569564d054b7cd9326d9b839ecd84bd3a3f2f71d1507a67c7c12
- SHA512
  
  7b938ac125e656a92946cb5bdf12828e4405e3b49a893532cefa2e6899d75afe8ccc68c57d977d24a0083b130c8ff0d6102754918e599b74e960d0b0330fae3b
- SSDEEP
  
  49152:SIiHsAJScXAJvVqnAgGTveta7OPggaV/KjiVOSYu9dQvqh:FnAJScqqnAgGTga7O/aV/KjiLh3Qvqh
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2