asyncrat | ae8c18c319de226008fab8d1dc2d45e0f1adc17740eede53009239af79d65d68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd751c3d6ffbea6efdf57f746181d443_JaffaCakes118
Size

103KB
Sample

240420-x1zzysfg76
MD5

fd751c3d6ffbea6efdf57f746181d443
SHA1

287dc753c8c37bc5343677d10cb3d59068cc07f1
SHA256

ae8c18c319de226008fab8d1dc2d45e0f1adc17740eede53009239af79d65d68
SHA512

381f482e279bfbb84dcbb99b67e32f9220938befe84f2d5c9a7c53c985f7af4c243fac93bd81cbeced88442ebaeb8079e97b285e102cec4207ef17c75187b62d
SSDEEP

1536:EUIo1viUnh3sd8nlvEGWOfxWfgdtykOj45gocCFII2tsG:NTG

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

elliotgateway.ddns.net:5555

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  fd751c3d6ffbea6efdf57f746181d443_JaffaCakes118
- Size
  
  103KB
- MD5
  
  fd751c3d6ffbea6efdf57f746181d443
- SHA1
  
  287dc753c8c37bc5343677d10cb3d59068cc07f1
- SHA256
  
  ae8c18c319de226008fab8d1dc2d45e0f1adc17740eede53009239af79d65d68
- SHA512
  
  381f482e279bfbb84dcbb99b67e32f9220938befe84f2d5c9a7c53c985f7af4c243fac93bd81cbeced88442ebaeb8079e97b285e102cec4207ef17c75187b62d
- SSDEEP
  
  1536:EUIo1viUnh3sd8nlvEGWOfxWfgdtykOj45gocCFII2tsG:NTG
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

asyncratdefaultrat