asyncrat | c3036f061c756b0279703655c6ccc1f58b0d2d560ba94924599099b1c73ecbf3 | Triage

Sharing

General

Target

c3036f061c756b0279703655c6ccc1f58b0d2d560ba94924599099b1c73ecbf3
Size

1.8MB
Sample

240309-h54rdaef9t
MD5

63b9d980ce167685f61415d082dc681b
SHA1

603140235d53cef46e3bac28cdddd5206a1c4246
SHA256

c3036f061c756b0279703655c6ccc1f58b0d2d560ba94924599099b1c73ecbf3
SHA512

a4161de9bdd90a7260d086080970c3f06df8a99b8cb2db8339b6d105d5b37b47f6e362b7972a6a562263e7d70dc055d5050d5f4ca12215329146fc3b7ad4e25c
SSDEEP

49152:zi39+084E6W4W8+m/oX49aXZmMA88DOKmX:G+HVb4W8b+49unDfTX

Score

10^/10

asyncrat default persistence rat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

1.err.line.pm:4449

Mutex

glzznzesxsoyn

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  c3036f061c756b0279703655c6ccc1f58b0d2d560ba94924599099b1c73ecbf3
- Size
  
  1.8MB
- MD5
  
  63b9d980ce167685f61415d082dc681b
- SHA1
  
  603140235d53cef46e3bac28cdddd5206a1c4246
- SHA256
  
  c3036f061c756b0279703655c6ccc1f58b0d2d560ba94924599099b1c73ecbf3
- SHA512
  
  a4161de9bdd90a7260d086080970c3f06df8a99b8cb2db8339b6d105d5b37b47f6e362b7972a6a562263e7d70dc055d5050d5f4ca12215329146fc3b7ad4e25c
- SSDEEP
  
  49152:zi39+084E6W4W8+m/oX49aXZmMA88DOKmX:G+HVb4W8b+49unDfTX
Score

10^/10

asyncrat default persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultpersistencerat