asyncrat | e09a35ac6c37f4807daf1dcfeb8e2f1fa78003cf1b48b942152ad54152ed2ae6 | Triage

Submit
Reports

Overview

overview

Static

static

3

e51beeef2a...02.exe

windows7-x64

e51beeef2a...02.exe

windows10-2004-x64

Sharing

General

Target

e51beeef2a2539ff8ef9e4bf7ffdf002.exe
Size

19.8MB
Sample

230511-w9c14sbg21
MD5

e51beeef2a2539ff8ef9e4bf7ffdf002
SHA1

fb7435fcbe78d1e50364db3bc527a7e394a3cc71
SHA256

e09a35ac6c37f4807daf1dcfeb8e2f1fa78003cf1b48b942152ad54152ed2ae6
SHA512

363417b1fb3a4fd12267190cde711366b287def6d00a9ceda33f0f71c88c3500ed57553772f10880edef23eb4733c36c009d07fcf1eb775a5a684ce3f6c47d4b
SSDEEP

6144:7fQTkfGlJz/us5e2jKFFRavrXQ1SHbboDr21dP:7fQTkfsJL9aS7sfu

Score

10^/10

asyncrat munabc rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e51beeef2a2539ff8ef9e4bf7ffdf002.exe

Resource

win7-20230220-en

asyncrat munabc rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

e51beeef2a2539ff8ef9e4bf7ffdf002.exe

Resource

win10v2004-20230220-en

asyncrat munabc rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

MunaBC

C2

piddix.duckdns.org:4449

Mutex

muna123456789

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  e51beeef2a2539ff8ef9e4bf7ffdf002.exe
- Size
  
  19.8MB
- MD5
  
  e51beeef2a2539ff8ef9e4bf7ffdf002
- SHA1
  
  fb7435fcbe78d1e50364db3bc527a7e394a3cc71
- SHA256
  
  e09a35ac6c37f4807daf1dcfeb8e2f1fa78003cf1b48b942152ad54152ed2ae6
- SHA512
  
  363417b1fb3a4fd12267190cde711366b287def6d00a9ceda33f0f71c88c3500ed57553772f10880edef23eb4733c36c009d07fcf1eb775a5a684ce3f6c47d4b
- SSDEEP
  
  6144:7fQTkfGlJz/us5e2jKFFRavrXQ1SHbboDr21dP:7fQTkfsJL9aS7sfu
Score

10^/10

asyncrat munabc rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratmunabcrat

behavioral2

asyncratmunabcrat

© 2018-2025

Terms | Privacy