asyncrat | a54960deba43dff2587e676e867846c42ee91a6ebe554328393f9be7b7854c4e | Triage

Sharing

General

Target

1.exe
Size

63KB
Sample

240620-r5616sshkb
MD5

7b75c5718fbd95b5253bccddda484187
SHA1

d339a1b2460195583268c84b5b3742e22cc6d7c7
SHA256

a54960deba43dff2587e676e867846c42ee91a6ebe554328393f9be7b7854c4e
SHA512

f7dcb8d44b06241be900ae268d8bf4368540c5ca6df9e3055a42de3b2856c8c6df798b7533313bc31b76914be9757012fb5f1c91aac6d5795aca1a927162ab2d
SSDEEP

768:Yv7M2nr/978dQC8A+Xji7NirX8RvKq1+T4sSBGHmDbDQph0oXu2rXNflSuMdpqKX:E5/Vu7c8Iq7YUbuh9HNfUuMdpqKmY7

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

Attributes

delay
1
install
false
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/PG3MaVGP

aes.plain

Targets

- Target
  
  1.exe
- Size
  
  63KB
- MD5
  
  7b75c5718fbd95b5253bccddda484187
- SHA1
  
  d339a1b2460195583268c84b5b3742e22cc6d7c7
- SHA256
  
  a54960deba43dff2587e676e867846c42ee91a6ebe554328393f9be7b7854c4e
- SHA512
  
  f7dcb8d44b06241be900ae268d8bf4368540c5ca6df9e3055a42de3b2856c8c6df798b7533313bc31b76914be9757012fb5f1c91aac6d5795aca1a927162ab2d
- SSDEEP
  
  768:Yv7M2nr/978dQC8A+Xji7NirX8RvKq1+T4sSBGHmDbDQph0oXu2rXNflSuMdpqKX:E5/Vu7c8Iq7YUbuh9HNfUuMdpqKmY7
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat