asyncrat | 0e93a41edf1ca3e1723e5e0d73f3e0f54d6d672606b9dc0cda745f87e3fd0339 | Triage

Sharing

General

Target

01 PROCESO JUDICIAL EN SU CONTRA.zip
Size

3.1MB
Sample

240528-eekc9sdg2x
MD5

94b5fdcc565dfa5c61aa87fbe973ad3f
SHA1

8a520488635aa652b4b2820e8ff06c8aafbf5180
SHA256

0e93a41edf1ca3e1723e5e0d73f3e0f54d6d672606b9dc0cda745f87e3fd0339
SHA512

5fda98190b76f8f3a5a109b9b9450921d6218014af9301c8d62a5e0220919198b407372167bbe19c187b3715e46086faafc7e4995c30ff072dc629dd021802fd
SSDEEP

98304:VlQy/4k9Ir0egHGQUa83ab2iRjcOGhhsTPrGqu:YvvneTF0ab3RHGhhsziqu

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

Dios123.kozow.com:1234

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  01 PROCESO JUDICIAL EN SU CONTRA/01 PROCESO JUDICIAL.exe
- Size
  
  2.3MB
- MD5
  
  5d52ef45b6e5bf144307a84c2af1581b
- SHA1
  
  414a899ec327d4a9daa53983544245b209f25142
- SHA256
  
  26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616
- SHA512
  
  458f47c1e4ccf41edaacc57abb663ee77ca098fffc596fad941bbdea67653aeabc79b34d607078b9ee5adb45614e26f5c28a09e8faf9532081fdd5dec9ac3c48
- SSDEEP
  
  49152:DzO+g39FbI0eQf/Z3CarWedoYAmXviDTMtT2wkqN5K:DzO19Fnf/hdoYAm9ZkqN5K
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat