asyncrat | f45c1e3804cb3db0debb4a9f77a86ca6fb8b8ae55b732d45ee7ac8e617568094 | Triage

Submit
Reports

Overview

overview

Static

static

CraxsRat v4/Crack.exe

windows10-2004-x64

CraxsRat v...v4.exe

windows10-2004-x64

CraxsRat v4/V4.exe

windows10-2004-x64

1

Resubmissions

09-05-2023 18:34

230509-w77spsfc6z 10

Sharing

General

Target

CraxsRat v 4.9.rar
Size

231.0MB
Sample

230509-w77spsfc6z
MD5

9f92215aa6a72e947129d350991bc383
SHA1

8f62586987f5808f6d3973d1bed58a74db0b96df
SHA256

f45c1e3804cb3db0debb4a9f77a86ca6fb8b8ae55b732d45ee7ac8e617568094
SHA512

70b3b18cd1796535d77f707ae32617ef22ba8712f6b79abfebf05a334f91da8df709f1f60cb36e4c7bd09b940a7b5b62676f991c423d9db12d6cb45edadbb7d4
SSDEEP

6291456:0VUyqQqdQSIKY9RW9NdniZ6IuS0toCv4BKaNB:0VUy4q6/sZc/44aj

Score

10^/10

asyncrat default agilenet rat

Static task

static1

rat default agilenet asyncrat

4 signatures

Behavioral task

behavioral1

Sample

CraxsRat v4/Crack.exe

Resource

win10v2004-20230220-en

asyncrat default rat

windows10-2004-x64

11 signatures

30 seconds

Behavioral task

behavioral2

Sample

CraxsRat v4/CraxsRat v4.exe

Resource

win10v2004-20230220-en

asyncrat default rat

windows10-2004-x64

13 signatures

30 seconds

Behavioral task

behavioral3

Sample

CraxsRat v4/V4.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

30 seconds

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

description-lease.at.ply.gg:25727

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
true
install_file
Updates.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  CraxsRat v4/Crack.exe
- Size
  
  47KB
- MD5
  
  71499b2947646d03cf1f0addf810083e
- SHA1
  
  3d4d1e108ab43e0a6416bad34e3915e6e6a79873
- SHA256
  
  5a8e9e4691806bc732d2ac2dc4e1e1679f49ccf7c228d828dc329ffd85084512
- SHA512
  
  6fd9e8720a1be33b614cf2bdabdc813f5981f996187b6fb00be744d62a9d905d90bcab31e7f936f0d66eb60a9dea0d8c46e5a6d1475581b88e9606ffe2864b8f
- SSDEEP
  
  768:DeICljTILmCKi+DiBtelDSN+iV08Ybyge6D9KyvEgK/J3ZVc6KN:DeIYdmBtKDs4zb1P8ynkJ3ZVclN
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1
- Target
  
  CraxsRat v4/CraxsRat v4.exe
- Size
  
  40.4MB
- MD5
  
  0a8bf2ffe2185df17bb19c6ed4b42ad0
- SHA1
  
  009de1363fe7ada66f3afcddfaf9dd0bcf613851
- SHA256
  
  7ebfbe851e5c1292af8b93e9c063b0b5d2a6a8c3f76ce3d632481f5ac721d46b
- SHA512
  
  5163a938be96e70141ac5a14c945cd176b6bb6b4151120f782712dd99e5a5dcd05f45f4532c8b779399ba880dd9025ee975bf47c6173fe0abab30e654fca3565
- SSDEEP
  
  786432:W77gdhsrmTjcrOdr5x7L7U+Txg9/M5UAMcjDoUUxINgxYNYiFniTT:I78sqTArSt7DW5rcjkjYNXiTT
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral2
- Target
  
  CraxsRat v4/V4.exe
- Size
  
  40.9MB
- MD5
  
  2c3de095ad1ad12d56c4656642c4e541
- SHA1
  
  f8925dc9c68895958961a5c01e989f622f644f0c
- SHA256
  
  85e1519a11df4b2c6d36d64536fb1070cd6cdd01da502056aab2a01b468016c3
- SHA512
  
  5be44b6e3c99847f8507e1ba32f2fa157b6da8cf09f7baf12030bd57f29c5872e2d5934cc64836b2de98242422f4d91b9224071b041f48b539e6f23e6d3ebcac
- SSDEEP
  
  786432:Thyqe9n+N5GsjzKGCGWdo3LuqIXwfWeY6VQoJOjzTheSsXaKAoija5w9Fm:NtOn+uLGCG6qOgfzbUjzTDyadoea5g
Score

1^/10
behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

ratdefaultagilenetasyncrat

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat

behavioral3

© 2018-2024

Terms | Privacy