asyncrat

General

Target

712940BAEF78C821E36B8701BF073C52.exe
Size

91KB
Sample

240419-lksedseg5v
MD5

712940baef78c821e36b8701bf073c52
SHA1

d59896b87424fafc0d00ab5e5c2019bd941167ce
SHA256

08f8498aec75418bb4c12972a6547ee2c4762160e7bf36c558a91b7b9110ed3f
SHA512

68bc6df413e00e6420ee6db6e4d0497bab61908b96f48fdb6bf6aae9bed72de840d83dfc0017dd24995a05f29b415b82852f84e9b74de85d303b67cc396c7007
SSDEEP

1536:qoJFOWbLXbbetrgpFZ2nrWLtyEclopV4c78eiV:zFOWbLLbetrgQn6BpVD34

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8 - Customized by Mikewaals

Botnet

Default

C2

204.12.199.30:6606

204.12.199.30:7707

204.12.199.30:8808

Mutex

Bbtt03i3Zbxo

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  712940BAEF78C821E36B8701BF073C52.exe
- Size
  
  91KB
- MD5
  
  712940baef78c821e36b8701bf073c52
- SHA1
  
  d59896b87424fafc0d00ab5e5c2019bd941167ce
- SHA256
  
  08f8498aec75418bb4c12972a6547ee2c4762160e7bf36c558a91b7b9110ed3f
- SHA512
  
  68bc6df413e00e6420ee6db6e4d0497bab61908b96f48fdb6bf6aae9bed72de840d83dfc0017dd24995a05f29b415b82852f84e9b74de85d303b67cc396c7007
- SSDEEP
  
  1536:qoJFOWbLXbbetrgpFZ2nrWLtyEclopV4c78eiV:zFOWbLLbetrgQn6BpVD34
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1

T1053

Persistence

Scheduled Task/Job

1

T1053

Privilege Escalation

Scheduled Task/Job

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Downloads MZ/PE file

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2