asyncrat | 8f5dc039858f2425120283f32b08a688219ec1fed56dca56ef072807d4b41380 | Triage

Sharing

General

Target

65082ee4bb13d81f6011e9ebfbfd0e90_NeikiAnalytics.exe
Size

896KB
Sample

240519-d3nj6age46
MD5

65082ee4bb13d81f6011e9ebfbfd0e90
SHA1

42af2f42d9b349438e20998f261e5bb92988fd7b
SHA256

8f5dc039858f2425120283f32b08a688219ec1fed56dca56ef072807d4b41380
SHA512

44a63aea9d0ee1b723d821aa77e5a699a4dcf4b548b799375dccea3f5b468a35e7904e4d2be976c69a295c5f76ac5f030f8f92db3a32aeca04611ce49c54b7e4
SSDEEP

12288:tySs6XN2uVSIuzIcCpTRJzkVwsvoXzMNnYW25+Hsp/MsDNFtH:ZxsXYW28Hfet

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

127.0.0.1:7771

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  65082ee4bb13d81f6011e9ebfbfd0e90_NeikiAnalytics.exe
- Size
  
  896KB
- MD5
  
  65082ee4bb13d81f6011e9ebfbfd0e90
- SHA1
  
  42af2f42d9b349438e20998f261e5bb92988fd7b
- SHA256
  
  8f5dc039858f2425120283f32b08a688219ec1fed56dca56ef072807d4b41380
- SHA512
  
  44a63aea9d0ee1b723d821aa77e5a699a4dcf4b548b799375dccea3f5b468a35e7904e4d2be976c69a295c5f76ac5f030f8f92db3a32aeca04611ce49c54b7e4
- SSDEEP
  
  12288:tySs6XN2uVSIuzIcCpTRJzkVwsvoXzMNnYW25+Hsp/MsDNFtH:ZxsXYW28Hfet
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat