asyncrat | 6543c547b83be07c11742aebcba0264026667005c7d4b90ca9ee8da62ad06984 | Triage

Sharing

General

Target

6543c547b83be07c11742aebcba0264026667005c7d4b90ca9ee8da62ad06984.zip
Size

10.2MB
Sample

231010-125hlsee3v
MD5

6cfc8a19911d2a4401c1c362587e83ce
SHA1

757f656302382738175a6a73ed7e412bba55011c
SHA256

6543c547b83be07c11742aebcba0264026667005c7d4b90ca9ee8da62ad06984
SHA512

4da1ae530f9e06cf69ee4d68f5166586096940248f58954e928e16d56faa2cdefcb4ba865588964a254659c14642de8af9fe8e393a168a642e9a5648ef5f29a2
SSDEEP

98304:01+qfbaSe1um0WohRcxAqV6EiTEEhG8VdjDEJgkKQ:nGWM0x7VdiAfj

Score

10^/10

asyncrat crypt one rat

Malware Config

Extracted

Family

asyncrat

Version

5.0.5

Botnet

Crypt One

C2

194.180.49.190:9254

Mutex

c7737c6a-d18e-4344-9a5b-860541cfb072

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  6543c547b83be07c11742aebcba0264026667005c7d4b90ca9ee8da62ad06984.zip
- Size
  
  10.2MB
- MD5
  
  6cfc8a19911d2a4401c1c362587e83ce
- SHA1
  
  757f656302382738175a6a73ed7e412bba55011c
- SHA256
  
  6543c547b83be07c11742aebcba0264026667005c7d4b90ca9ee8da62ad06984
- SHA512
  
  4da1ae530f9e06cf69ee4d68f5166586096940248f58954e928e16d56faa2cdefcb4ba865588964a254659c14642de8af9fe8e393a168a642e9a5648ef5f29a2
- SSDEEP
  
  98304:01+qfbaSe1um0WohRcxAqV6EiTEEhG8VdjDEJgkKQ:nGWM0x7VdiAfj
Score

10^/10

asyncrat crypt one rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

asyncratcrypt onerat