asyncrat

Resubmissions

24-10-2023 12:00

231024-n6mgdacg4s 10

24-10-2023 11:52

24-10-2023 11:33

24-10-2023 11:30

24-10-2023 11:27

24-10-2023 09:15

Sharing

Copy URL

Twitter E-mail

General

Target

rat[1].7z
Size

126KB
Sample

231024-n6mgdacg4s
MD5

347593763b3a839b289bac17f25c6450
SHA1

e0c99044b9041b6f5cbfb3a30ececa14aed2c310
SHA256

1ae401515e509c79b5af470feb8d156859771f61e598dfa10f37409bebdc4dbb
SHA512

f37bf2641efa23a77f781fbd3e2a7d22b7a09aff576db63c8e416af25dd431618be5299db2f1183eecffd2e196aa65d5ae761599053607d806d4b1095d10464f
SSDEEP

1536:7p04gk5jaZ2VGov0KW73HDWoE1umhoQGDtPBo13MDVwPbtoQ5w6lgjNNbNg1xL1q:90nkoIYi0DLqolmMDk13MDE6NExLn4Tp

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_file
svchost.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  rat
- Size
  
  512KB
- MD5
  
  738c07f22ff7922d8fcff5ba6555dbb3
- SHA1
  
  86a08e0cb6b92b08d358c75e47dd5325b4aba323
- SHA256
  
  7a83115ab46ba6a3c237d78f32bd3386ff4d4d7cd7b06ad731fe8071b2246278
- SHA512
  
  c49a900d0165f56cc513c6e4e6551a69f3b49c8c0a9719ac925c6004b69554540999d1f3c9d63c397564e6ec67bb65cc31fa6e0ff9c2685a325fea7c8c0868dd
- SSDEEP
  
  3072:7HivS2XIxjLnBnbmOKIudTziZ3w2OAGzCZ44Lz/w:LxvnBJh+T63wZzCZ44Lzw
Score

10^/10

asyncrat default rat spyware stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Async RAT payload

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2