asyncrat | 541634215fab75c90942d978726d81d3512fc412edf8c1b41b814bd2181cf81d | Triage

Sharing

General

Target

c7ff1ac2b8995663aab9c4e9c5a223b0_NeikiAnalytics.exe
Size

1.4MB
Sample

240616-a9y3pasdkg
MD5

c7ff1ac2b8995663aab9c4e9c5a223b0
SHA1

c459bd10fcda5f2a2c6a7986ed092554bf017b35
SHA256

541634215fab75c90942d978726d81d3512fc412edf8c1b41b814bd2181cf81d
SHA512

10850bcfcc35dbbfff95ed8e9ac41ab40a93136e1be8ffbe01f89da192e79055c1d4fc708d4b66f1e18f360b56d0129ed19d14e6e8794b906bad17d983012d38
SSDEEP

3072:7a3bc2dGvlSfAyo/vYyX3XrXxS5Kvj5f6IIqfZDSdUARolxGAskshlhy4VNfSzF2:7QsYSdgGqkhnDJXtG/Bzw/xjk9a2

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

38.180.9.93:8848

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  c7ff1ac2b8995663aab9c4e9c5a223b0_NeikiAnalytics.exe
- Size
  
  1.4MB
- MD5
  
  c7ff1ac2b8995663aab9c4e9c5a223b0
- SHA1
  
  c459bd10fcda5f2a2c6a7986ed092554bf017b35
- SHA256
  
  541634215fab75c90942d978726d81d3512fc412edf8c1b41b814bd2181cf81d
- SHA512
  
  10850bcfcc35dbbfff95ed8e9ac41ab40a93136e1be8ffbe01f89da192e79055c1d4fc708d4b66f1e18f360b56d0129ed19d14e6e8794b906bad17d983012d38
- SSDEEP
  
  3072:7a3bc2dGvlSfAyo/vYyX3XrXxS5Kvj5f6IIqfZDSdUARolxGAskshlhy4VNfSzF2:7QsYSdgGqkhnDJXtG/Bzw/xjk9a2
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratdefaultrat

behavioral2