asyncrat | c0ecdb5046ff0c85592a794cb42f8acc7d1814892a890f07f4e1a9f3e0e0b2df | Triage

Submit
Reports

Overview

overview

Static

static

1

file.bat

windows10-2004-x64

Sharing

General

Target

file.bat
Size

226B
Sample

231113-v9lgtaec41
MD5

b34b91cd445ac63caa329c1ae21fc024
SHA1

5fae83ff22c9c5f8e681a69d9c7f405dbfeffb94
SHA256

c0ecdb5046ff0c85592a794cb42f8acc7d1814892a890f07f4e1a9f3e0e0b2df
SHA512

3ec3570670e00580ccb2e188a08cd4d580bef8315fd3063bfff605a9c84a6d32dbac28f5bc70489f008e36b3a41f281e1a7777ca5493186f8e9e9f7e0e7739e6

Score

10^/10

asyncrat zgrat default rat

Static task

static1

Behavioral task

behavioral1

Sample

file.bat

Resource

win10v2004-20231025-en

asyncrat zgrat default rat

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://91.92.242.28:222/jn.jpg

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

win009.theworkpc.com:5010

Mutex

AsyncMutex_alosh

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  file.bat
- Size
  
  226B
- MD5
  
  b34b91cd445ac63caa329c1ae21fc024
- SHA1
  
  5fae83ff22c9c5f8e681a69d9c7f405dbfeffb94
- SHA256
  
  c0ecdb5046ff0c85592a794cb42f8acc7d1814892a890f07f4e1a9f3e0e0b2df
- SHA512
  
  3ec3570670e00580ccb2e188a08cd4d580bef8315fd3063bfff605a9c84a6d32dbac28f5bc70489f008e36b3a41f281e1a7777ca5493186f8e9e9f7e0e7739e6
Score

10^/10

asyncrat zgrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Detect ZGRat V1
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

asyncratzgratdefaultrat

© 2018-2024

Terms | Privacy