asyncrat | 19317da5733e40de48774b836f81b6edd83a60976ef180b6e796928399cee1c3 | Triage

Submit
Reports

Overview

overview

Static

static

1

hy.ps1

windows7-x64

1

hy.ps1

windows10-2004-x64

Sharing

General

Target

hy.ps1
Size

9.0MB
Sample

240426-nskqmaff75
MD5

c867dbeca2907417d58f0bfb4de699d6
SHA1

fa942ea34e59c938d9c307a9c5054118b21fa699
SHA256

19317da5733e40de48774b836f81b6edd83a60976ef180b6e796928399cee1c3
SHA512

2658decfca16f085932c43ee6397cb449ab7ecf041d2c46630a5fdb3075c21eb9e5836ddb2e9018f4aac99f68ba9a1c3e19973da5c9ca58fc9bb2f7278b557e5
SSDEEP

24576:sEAjJLSsZ05S8PllqWR4Q4/YVwCxCpMt8JNim5irz5aRt5vQZUZMc7JS0Ccn3ban:W8RVkwoFZ0qQpynBV

Score

10^/10

asyncrat default rat

Static task

static1

Behavioral task

behavioral1

Sample

hy.ps1

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

hy.ps1

Resource

win10v2004-20240419-en

asyncrat default rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

91.92.252.234:3232

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  hy.ps1
- Size
  
  9.0MB
- MD5
  
  c867dbeca2907417d58f0bfb4de699d6
- SHA1
  
  fa942ea34e59c938d9c307a9c5054118b21fa699
- SHA256
  
  19317da5733e40de48774b836f81b6edd83a60976ef180b6e796928399cee1c3
- SHA512
  
  2658decfca16f085932c43ee6397cb449ab7ecf041d2c46630a5fdb3075c21eb9e5836ddb2e9018f4aac99f68ba9a1c3e19973da5c9ca58fc9bb2f7278b557e5
- SSDEEP
  
  24576:sEAjJLSsZ05S8PllqWR4Q4/YVwCxCpMt8JNim5irz5aRt5vQZUZMc7JS0Ccn3ban:W8RVkwoFZ0qQpynBV
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Async RAT payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

asyncratdefaultrat

© 2018-2024

Terms | Privacy