asyncrat | 6ad0dc8d07a1281d60865e79c43f37af636c15d163ac2a3050f6f4740291c49a | Triage

Sharing

General

Target

2040-76-0x000000001B2B0000-0x000000001B2C2000-memory.dmp
Size

72KB
Sample

240303-th8btscf3v
MD5

1cda114eb026aa8f4273252245ff5c97
SHA1

182cd8154cc2d468bd85735c46366d85033c1b06
SHA256

6ad0dc8d07a1281d60865e79c43f37af636c15d163ac2a3050f6f4740291c49a
SHA512

ac42f46801fce9d33443835d2f1a78e7a3e2bb5f9dc8e706ebcc983a87d9eab41fbaf91640876c3b60435595670c0b0b9e4fcaa463fdda17284abd2000ae78ff
SSDEEP

1536:vu3f5TgCV2OKYDy3bCXSWW839d2y6emdSx:vu3hTgCV2OHDy3bClWu9Pygx

Score

10^/10

asyncrat zf rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

ZF

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

127.0.0.1:11334

139.180.143.50:6606

139.180.143.50:7707

139.180.143.50:8808

139.180.143.50:11334

Mutex

GPT_Conn4

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2040-76-0x000000001B2B0000-0x000000001B2C2000-memory.dmp
- Size
  
  72KB
- MD5
  
  1cda114eb026aa8f4273252245ff5c97
- SHA1
  
  182cd8154cc2d468bd85735c46366d85033c1b06
- SHA256
  
  6ad0dc8d07a1281d60865e79c43f37af636c15d163ac2a3050f6f4740291c49a
- SHA512
  
  ac42f46801fce9d33443835d2f1a78e7a3e2bb5f9dc8e706ebcc983a87d9eab41fbaf91640876c3b60435595670c0b0b9e4fcaa463fdda17284abd2000ae78ff
- SSDEEP
  
  1536:vu3f5TgCV2OKYDy3bCXSWW839d2y6emdSx:vu3hTgCV2OHDy3bClWu9Pygx
Score

10^/10

asyncrat zf rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2