asyncrat | 8dd48cd023c9f13b6b41274c1b6d3be2907dbd929dda7701972b73a029df74b5 | Triage

Resubmissions

08/08/2023, 23:47

230808-3s617agc32 10

08/08/2023, 09:45

230808-lq9wmabg44 10

Sharing

General

Target

8dd48cd023c9f13b6b41274c1b6d3be2907dbd929dda7701972b73a029df74b5
Size

186KB
Sample

230808-lq9wmabg44
MD5

ab161491c05bb4e14c9956bd90dec42f
SHA1

4f3fa749a5ab5aa69fb762c4f438f2759abf2c31
SHA256

8dd48cd023c9f13b6b41274c1b6d3be2907dbd929dda7701972b73a029df74b5
SHA512

530bcb714475e55a8e6d7e23ec785140cc988eb4062a2e21cd8893afd33112c839c8cd2e003224ba8246a47afb17b99040780c738f5342e28ad61776e83f7816
SSDEEP

3072:0v+8ni6dAi2D6r99PsY8qswZHM+JdBsfUKQn1b8oCikdOFqDdI:0v+uT289RZs+7mobkdOFEI

Score

10^/10

asyncrat defaultt rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

DefaultT

C2

greightcethebui.sytes.net:1414

greightcethebui.sytes.net:6767

wreightcethebui.sytes.net:1414

wreightcethebui.sytes.net:6767

Mutex

AsyncMutex_6SI8OkPnW

Attributes

delay
3
install
true
install_file
oscr.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  8dd48cd023c9f13b6b41274c1b6d3be2907dbd929dda7701972b73a029df74b5
- Size
  
  186KB
- MD5
  
  ab161491c05bb4e14c9956bd90dec42f
- SHA1
  
  4f3fa749a5ab5aa69fb762c4f438f2759abf2c31
- SHA256
  
  8dd48cd023c9f13b6b41274c1b6d3be2907dbd929dda7701972b73a029df74b5
- SHA512
  
  530bcb714475e55a8e6d7e23ec785140cc988eb4062a2e21cd8893afd33112c839c8cd2e003224ba8246a47afb17b99040780c738f5342e28ad61776e83f7816
- SSDEEP
  
  3072:0v+8ni6dAi2D6r99PsY8qswZHM+JdBsfUKQn1b8oCikdOFqDdI:0v+uT289RZs+7mobkdOFEI
Score

10^/10

asyncrat defaultt rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaulttrat