asyncrat | 0ae22c1e874d14cfaffa061cb5761a69828f45d7646fc851a742bfd561e9e19f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Stub.exe
Size

65KB
Sample

231006-s76c4aea41
MD5

e387b3d2935a35d064b52c570982af25
SHA1

ff72aa2b79a4abb1d862011b3a11a73d2df5d481
SHA256

0ae22c1e874d14cfaffa061cb5761a69828f45d7646fc851a742bfd561e9e19f
SHA512

cd21854e4fb1ed95dde80289a8f8df5082f703759ca024062a40fe29d40c1896d6a15b6202c06bf8abfaf94df0d3e2f1fbd881d24b272c7c98892eaaf549fc67
SSDEEP

1536:/O2/XS4ripkVkJHKmrZHv6mqoo4oK5E8fU6aFEAHY4Pb8OKtQOPUX8rgTRux:G2/XHripkKE8fU6aucY4PbpIP1eMx

Score

10^/10

asyncrat 26sep rat spyware stealer

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

26Sep

C2

4.151.131.10:2404

Mutex

AsyncMutex_Ed

Attributes

delay
3
install
false
install_file
Word.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Stub.exe
- Size
  
  65KB
- MD5
  
  e387b3d2935a35d064b52c570982af25
- SHA1
  
  ff72aa2b79a4abb1d862011b3a11a73d2df5d481
- SHA256
  
  0ae22c1e874d14cfaffa061cb5761a69828f45d7646fc851a742bfd561e9e19f
- SHA512
  
  cd21854e4fb1ed95dde80289a8f8df5082f703759ca024062a40fe29d40c1896d6a15b6202c06bf8abfaf94df0d3e2f1fbd881d24b272c7c98892eaaf549fc67
- SSDEEP
  
  1536:/O2/XS4ripkVkJHKmrZHv6mqoo4oK5E8fU6aFEAHY4Pb8OKtQOPUX8rgTRux:G2/XHripkKE8fU6aucY4PbpIP1eMx
Score

10^/10

asyncrat 26sep rat spyware stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

rat26sepasyncrat

behavioral1

asyncrat26sepratspywarestealer

behavioral2

asyncrat26sepratspywarestealer