asyncrat | a1d8230807e2247c48b5c732ab306ed66c6db923f21d9c50a0508a1cf1e03193 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cb84ba13936d8dcbc4fdd891932243f_JaffaCakes118
Size

61KB
Sample

240328-wxv16adg53
MD5

0cb84ba13936d8dcbc4fdd891932243f
SHA1

756348d07f38f9dea09962a07a8ff6bf671daace
SHA256

a1d8230807e2247c48b5c732ab306ed66c6db923f21d9c50a0508a1cf1e03193
SHA512

3cd5770fbb17b35012ad930fdc53a6358d6da320dcc4dd67ff1cd27f07f05ccb1762c80c9b67b44a9d97b3d87bad60893c2a3434eff80ff232a4da3778430039
SSDEEP

1536:CuWIiKAPnPMspbQ628QA8VdN6r4PEYiqlgGdKDwlGlB6519Wd0es:wIfwnPMspM6DsdNdEYV2wL519m0e

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7A

Botnet

Default

C2

172.30.1.10:7707

Mutex

ifgybnendzqduj

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  0cb84ba13936d8dcbc4fdd891932243f_JaffaCakes118
- Size
  
  61KB
- MD5
  
  0cb84ba13936d8dcbc4fdd891932243f
- SHA1
  
  756348d07f38f9dea09962a07a8ff6bf671daace
- SHA256
  
  a1d8230807e2247c48b5c732ab306ed66c6db923f21d9c50a0508a1cf1e03193
- SHA512
  
  3cd5770fbb17b35012ad930fdc53a6358d6da320dcc4dd67ff1cd27f07f05ccb1762c80c9b67b44a9d97b3d87bad60893c2a3434eff80ff232a4da3778430039
- SSDEEP
  
  1536:CuWIiKAPnPMspbQ628QA8VdN6r4PEYiqlgGdKDwlGlB6519Wd0es:wIfwnPMspM6DsdNdEYV2wL519m0e
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratdefaultrat

behavioral2