asyncrat | 7722b7542959c2fa35635010266072666f94e93b01e3de1bc80d15683ba43e80 | Triage

Submit
Reports

Overview

overview

Static

static

1

novamanager.bat

windows10-1703-x64

Sharing

General

Target

novamanager.bat
Size

5.8MB
Sample

240524-cv4qqsaa44
MD5

b8a7f076072a6e9ff5574deef2a780fa
SHA1

20158ae3303a64f2d5759fa8d13d0f3675d78700
SHA256

7722b7542959c2fa35635010266072666f94e93b01e3de1bc80d15683ba43e80
SHA512

c92942cc4d70908a27ea844687759e15721d39060a74a3e3698e587a8aad916bc57d2fbbbd4c2d585d07f7ec081ef159050746d28790b46b5f621730a4c1f23a
SSDEEP

49152:o6ctTLMmyVH+LYW15mz155Jn3pVfMlZiB7mqqOBHu71/vufRooqRcvfKvkYAI87U:W

Score

10^/10

asyncrat default execution rat

Static task

static1

Behavioral task

behavioral1

Sample

novamanager.bat

Resource

win10-20240404-en

asyncrat default execution rat

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

127.0.0.1:44112

linux-treatment.gl.at.ply.gg:6606

linux-treatment.gl.at.ply.gg:7707

linux-treatment.gl.at.ply.gg:8808

linux-treatment.gl.at.ply.gg:44112

Mutex

BOKEVIDUrIhH

Attributes

delay
3
install
false
install_file
winx64x86.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  novamanager.bat
- Size
  
  5.8MB
- MD5
  
  b8a7f076072a6e9ff5574deef2a780fa
- SHA1
  
  20158ae3303a64f2d5759fa8d13d0f3675d78700
- SHA256
  
  7722b7542959c2fa35635010266072666f94e93b01e3de1bc80d15683ba43e80
- SHA512
  
  c92942cc4d70908a27ea844687759e15721d39060a74a3e3698e587a8aad916bc57d2fbbbd4c2d585d07f7ec081ef159050746d28790b46b5f621730a4c1f23a
- SSDEEP
  
  49152:o6ctTLMmyVH+LYW15mz155Jn3pVfMlZiB7mqqOBHu71/vufRooqRcvfKvkYAI87U:W
Score

10^/10

asyncrat default execution rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

asyncratdefaultexecutionrat

© 2018-2024

Terms | Privacy