asyncrat | e91838e3f9c6aa4e1e043fa30ac176081877347166e52aa9b9cb1e7f25acecbf | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

Stub.exe

windows7-x64

Stub.exe

windows10-2004-x64

Sharing

General

Target

Stub.exe
Size

66KB
Sample

231006-s2ecesdh6x
MD5

93f1ab2325d4e6c3a1c2a0a01c6437bc
SHA1

39c82867d77379637771304db1b93b808efee1b7
SHA256

e91838e3f9c6aa4e1e043fa30ac176081877347166e52aa9b9cb1e7f25acecbf
SHA512

1372a793702f90ad445787041b1bfd43f1a155ded2e9f822124e208c574536f13c6160d127a1242493d1665f296c43782a5a093ec43c33f63f500f4e24fd2e3c
SSDEEP

1536:P2wmkPN1ak1gcKu5UYFpY/jCBebb0UZkg7pVop1rPlTGxx:P21kPN1ak1Ku5UYFp6Mebb0Q9gdCx

Score

10^/10

asyncrat default rat spyware stealer

Static task

static1

rat default asyncrat

3 signatures

Behavioral task

behavioral1

Sample

Stub.exe

Resource

win7-20230831-en

asyncrat default rat spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Stub.exe

Resource

win10v2004-20230915-en

asyncrat default rat spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

forlatinamerica.bumbleshrimp.com:2404

Mutex

AsyncMutex_Tre

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Stub.exe
- Size
  
  66KB
- MD5
  
  93f1ab2325d4e6c3a1c2a0a01c6437bc
- SHA1
  
  39c82867d77379637771304db1b93b808efee1b7
- SHA256
  
  e91838e3f9c6aa4e1e043fa30ac176081877347166e52aa9b9cb1e7f25acecbf
- SHA512
  
  1372a793702f90ad445787041b1bfd43f1a155ded2e9f822124e208c574536f13c6160d127a1242493d1665f296c43782a5a093ec43c33f63f500f4e24fd2e3c
- SSDEEP
  
  1536:P2wmkPN1ak1gcKu5UYFpY/jCBebb0UZkg7pVop1rPlTGxx:P21kPN1ak1Ku5UYFp6Mebb0Q9gdCx
Score

10^/10

asyncrat default rat spyware stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultratspywarestealer

behavioral2

asyncratdefaultratspywarestealer

© 2018-2025

Terms | Privacy