asyncrat | a46ab2106d6ae64cb382afbf04d083492cf43329ab038417c2c1e5573fad1063 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Client.exe
Size

1.4MB
Sample

231015-nmsjaafb4x
MD5

df024076517e8bed5807f893a6e064c8
SHA1

d10c6099cb625b65923950392766ff31f186d275
SHA256

a46ab2106d6ae64cb382afbf04d083492cf43329ab038417c2c1e5573fad1063
SHA512

8854fd2668a5e08b076bc39428774061f83f761be53c0508c377872d1f521a674528308b356454a925daf2aa5c2553a5effe682a346e8e3e8ce970028ecf6d9b
SSDEEP

12288:P9EeYahHhtaPKnWoFxCebuKD0w/Odxs15AmhCg5LTVzxQQxDh2e/g3wEvR5nUVIV:lL94KnWoFFuQObmhCgRB1QuDRoVvX

Score

10^/10

asyncrat persistence rat spyware stealer

Malware Config

Targets

- Target
  
  Client.exe
- Size
  
  1.4MB
- MD5
  
  df024076517e8bed5807f893a6e064c8
- SHA1
  
  d10c6099cb625b65923950392766ff31f186d275
- SHA256
  
  a46ab2106d6ae64cb382afbf04d083492cf43329ab038417c2c1e5573fad1063
- SHA512
  
  8854fd2668a5e08b076bc39428774061f83f761be53c0508c377872d1f521a674528308b356454a925daf2aa5c2553a5effe682a346e8e3e8ce970028ecf6d9b
- SSDEEP
  
  12288:P9EeYahHhtaPKnWoFxCebuKD0w/Odxs15AmhCg5LTVzxQQxDh2e/g3wEvR5nUVIV:lL94KnWoFFuQObmhCgRB1QuDRoVvX
Score

10^/10

asyncrat persistence rat spyware stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratpersistenceratspywarestealer