asyncrat | b38f418014b58a5d9ab99a57c8b763bb0798011d165b7841cc28fd8952cbb99f | Triage

Sharing

General

Target

Client001.exe
Size

47KB
Sample

240605-sqdxhsaf5z
MD5

3bc515503804ee7ccded7e616b0c744a
SHA1

66ae5b3209a64b1804a38f16ee4aa9434974238a
SHA256

b38f418014b58a5d9ab99a57c8b763bb0798011d165b7841cc28fd8952cbb99f
SHA512

1c9a29e78fc04b8939d50af77d31f0c9b3b26eb625a27a4531539621e9e5d57ce2d1b6bf7caaa3d4177a883e07bab9a1d1f86442e8eac94bab0c649072abaaa8
SSDEEP

768:oq+s3pUtDILNCCa+DixVevX4f5/i3G8YbfgeeWgy7KqVqvEgK/JfZVc6KN:oq+AGtQOESzzbody7KqVqnkJfZVclN

Score

10^/10

asyncrat pulpas-oro rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

PULPAS-ORO

C2

krakenstudio0612.casacam.net:8004

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Client001.exe
- Size
  
  47KB
- MD5
  
  3bc515503804ee7ccded7e616b0c744a
- SHA1
  
  66ae5b3209a64b1804a38f16ee4aa9434974238a
- SHA256
  
  b38f418014b58a5d9ab99a57c8b763bb0798011d165b7841cc28fd8952cbb99f
- SHA512
  
  1c9a29e78fc04b8939d50af77d31f0c9b3b26eb625a27a4531539621e9e5d57ce2d1b6bf7caaa3d4177a883e07bab9a1d1f86442e8eac94bab0c649072abaaa8
- SSDEEP
  
  768:oq+s3pUtDILNCCa+DixVevX4f5/i3G8YbfgeeWgy7KqVqvEgK/JfZVc6KN:oq+AGtQOESzzbody7KqVqnkJfZVclN
Score

10^/10

asyncrat pulpas-oro rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

ratpulpas-oroasyncrat

behavioral1

asyncratpulpas-ororat