asyncrat | 4b7c7ecab6728bb94b9fb3cb3d89ae86db763a3f0afa31d2b4cc8f1ba0f9580a | Triage

Sharing

General

Target

43924592e1f9c0776edb140126dfd0a4
Size

1.2MB
Sample

240105-nmq1fsaegk
MD5

43924592e1f9c0776edb140126dfd0a4
SHA1

140284c4a9ea71c80f3d7b4aa5259e621ecc0894
SHA256

4b7c7ecab6728bb94b9fb3cb3d89ae86db763a3f0afa31d2b4cc8f1ba0f9580a
SHA512

941e36447edc6df7d4414ada2635e54092977b31f3a6e4a073f21fa0f008cffc5148abab722a9ae280990f6460aeaa45922c16a81a049201ea8d8c1b4bedfc0b
SSDEEP

12288:dr+w+Px6rT9aUvCYMsFzPcc1lZgZMrfqgn811CYjojv3KapxhAnSWp9X5Z7aUvCm:hRVCYM6zPcc+1CY00ptRCYM6zPMc

Score

10^/10

asyncrat rat

Malware Config

Extracted

Family

asyncrat

Version

WinBioPlugIns

Mutex

296534285534

Attributes

delay
20000
install
false
install_file
notepad.exe
install_folder
VisualElements
pastebin_config
https://pastebin.com/raw/pfTFA8kC

aes.plain

Targets

- Target
  
  43924592e1f9c0776edb140126dfd0a4
- Size
  
  1.2MB
- MD5
  
  43924592e1f9c0776edb140126dfd0a4
- SHA1
  
  140284c4a9ea71c80f3d7b4aa5259e621ecc0894
- SHA256
  
  4b7c7ecab6728bb94b9fb3cb3d89ae86db763a3f0afa31d2b4cc8f1ba0f9580a
- SHA512
  
  941e36447edc6df7d4414ada2635e54092977b31f3a6e4a073f21fa0f008cffc5148abab722a9ae280990f6460aeaa45922c16a81a049201ea8d8c1b4bedfc0b
- SSDEEP
  
  12288:dr+w+Px6rT9aUvCYMsFzPcc1lZgZMrfqgn811CYjojv3KapxhAnSWp9X5Z7aUvCm:hRVCYM6zPcc+1CY00ptRCYM6zPMc
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2