asyncrat | 7e18d8d15774617c68ee110c9db48ede24e1a4a28c52fb8197dfc593ed2877b0 | Triage

Sharing

General

Target

68e5cd49f6d77354d46b27a1e6e7763e_JaffaCakes118
Size

4.9MB
Sample

240522-2q95dsbh8s
MD5

68e5cd49f6d77354d46b27a1e6e7763e
SHA1

c2cb1378e9ede29c9a96c46f8ea1c5aaeffa26f1
SHA256

7e18d8d15774617c68ee110c9db48ede24e1a4a28c52fb8197dfc593ed2877b0
SHA512

12bbd1ff695a6d91692970c6882e17a5493b27bd931168e619931af4c51c4f0621ed5ae5a53e605e26bbfedf0c8b812be6b39854209569af860090e61680031f
SSDEEP

98304:tZY+5StaPLB6cdAT88El9DkLry6Dgbe8AONOuLFP3TgFge:ttvBX+4PzkL5Dgi8AoDpTkge

Score

10^/10

asyncrat rat

Malware Config

Targets

- Target
  
  68e5cd49f6d77354d46b27a1e6e7763e_JaffaCakes118
- Size
  
  4.9MB
- MD5
  
  68e5cd49f6d77354d46b27a1e6e7763e
- SHA1
  
  c2cb1378e9ede29c9a96c46f8ea1c5aaeffa26f1
- SHA256
  
  7e18d8d15774617c68ee110c9db48ede24e1a4a28c52fb8197dfc593ed2877b0
- SHA512
  
  12bbd1ff695a6d91692970c6882e17a5493b27bd931168e619931af4c51c4f0621ed5ae5a53e605e26bbfedf0c8b812be6b39854209569af860090e61680031f
- SSDEEP
  
  98304:tZY+5StaPLB6cdAT88El9DkLry6Dgbe8AONOuLFP3TgFge:ttvBX+4PzkL5Dgi8AoDpTkge
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2