asyncrat | 509e3c1c45131f98ebb8e44eda547598327983e1f18af4fcfaf0bad4abbcf819 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

509e3c1c45131f98ebb8e44eda547598327983e1f18af4fcfaf0bad4abbcf819_NeikiAnalytics.exe
Size

25KB
Sample

240701-n7cnkatepn
MD5

c9b4ba2e22a8a9ead69c4d02508e3b20
SHA1

23225d107830fc12c293d2ceb6915136aad5c571
SHA256

509e3c1c45131f98ebb8e44eda547598327983e1f18af4fcfaf0bad4abbcf819
SHA512

2a173e4d95fb20ffd6a4a865f7eb7ff79ae8cc53ecff25bb68f642a4b75a03b908a9b49299a11b7f117e1ad95a25d6fc370ef72d29b91f8f28ce0c550871d978
SSDEEP

384:iGHHnySKDQbkoKDVbJdpGKDGPGAEWmmqAWsKfHRN7dYTJXlGs4mQfWfp:ip39EPGfq+dWE5RWB

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

1.r14n788iocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2i.farm:5555

Mutex

GFH7H01aEt1v

Attributes

delay
3
install
false
install_file
MicrosoftEdgeUpdate.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  509e3c1c45131f98ebb8e44eda547598327983e1f18af4fcfaf0bad4abbcf819_NeikiAnalytics.exe
- Size
  
  25KB
- MD5
  
  c9b4ba2e22a8a9ead69c4d02508e3b20
- SHA1
  
  23225d107830fc12c293d2ceb6915136aad5c571
- SHA256
  
  509e3c1c45131f98ebb8e44eda547598327983e1f18af4fcfaf0bad4abbcf819
- SHA512
  
  2a173e4d95fb20ffd6a4a865f7eb7ff79ae8cc53ecff25bb68f642a4b75a03b908a9b49299a11b7f117e1ad95a25d6fc370ef72d29b91f8f28ce0c550871d978
- SSDEEP
  
  384:iGHHnySKDQbkoKDVbJdpGKDGPGAEWmmqAWsKfHRN7dYTJXlGs4mQfWfp:ip39EPGfq+dWE5RWB
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat