asyncrat | f34aeab2b61f725d9474dd03a25012551bb413ac9ca4569e456bafc623eaab47 | Triage

Sharing

General

Target

AsyncClient.exe
Size

48KB
Sample

240708-s55zjsydnf
MD5

e62e07b042445d7da0fcdf8ddd6c846f
SHA1

82621104685276490f664ba9ff36e80f30bc6e28
SHA256

f34aeab2b61f725d9474dd03a25012551bb413ac9ca4569e456bafc623eaab47
SHA512

f6280cb656679e210d694a53af82f35a3eb72cbc7331fc0ea1729125f56ce9cfb1e26c338aa10e064088728a9777e0d74f9e65c801422f8ade62705117bcdad4
SSDEEP

768:vuPfZTg4pYiWUU9jjmo2qrOkrGAnHTbyRIW1fsG0bQTG4xRwQeZaHmcDZCs+:vuPfZTgKa2DkdnHqRL1UJbQSWwQeAHJc

Score

10^/10

asyncrat default evasion rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

version-brings.gl.at.ply.gg:58939

Mutex

mNSpgvAATb7S

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  AsyncClient.exe
- Size
  
  48KB
- MD5
  
  e62e07b042445d7da0fcdf8ddd6c846f
- SHA1
  
  82621104685276490f664ba9ff36e80f30bc6e28
- SHA256
  
  f34aeab2b61f725d9474dd03a25012551bb413ac9ca4569e456bafc623eaab47
- SHA512
  
  f6280cb656679e210d694a53af82f35a3eb72cbc7331fc0ea1729125f56ce9cfb1e26c338aa10e064088728a9777e0d74f9e65c801422f8ade62705117bcdad4
- SSDEEP
  
  768:vuPfZTg4pYiWUU9jjmo2qrOkrGAnHTbyRIW1fsG0bQTG4xRwQeZaHmcDZCs+:vuPfZTgKa2DkdnHqRL1UJbQSWwQeAHJc
Score

10^/10

asyncrat default evasion rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Modifies visibility of file extensions in Explorer
  evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultevasionrat