asyncrat | 01b7eea92bb27df73a6972f00927ba3a5989771f90052297f4027fc33e804ffd | Triage

Sharing

General

Target

01b7eea92bb27df73a6972f00927ba3a5989771f90052297f4027fc33e804ffd.exe
Size

6.8MB
Sample

240710-rlxy6aseqq
MD5

b2b458a4d32353ea767fd85090da3cad
SHA1

7cafde34ad660df06370e8b8668fe28545d6dbf1
SHA256

01b7eea92bb27df73a6972f00927ba3a5989771f90052297f4027fc33e804ffd
SHA512

a1fb74f67bf763d1e81de1d17702ee3d967ed00288f0f68abf842346bb8dcb4e2c64b9353c6c612e3c9878348619506fbf217670d27cbe63526a44041264fe11
SSDEEP

196608:qbce1Juq1YCnUAP6fVJEsspI2jzuTRzzcc2YwForrrrNrrrrrprrrrXrrrrrHrrE:qAou0Y7ASfV6qfwt

Score

10^/10

asyncrat mailru rat

Malware Config

Extracted

Family

asyncrat

Version

ITSOBR

Botnet

MailRU

C2

52cf04efee6d.sn.mynetname.net:2024

Mutex

olErDv8aDk6J

Attributes

delay
30
install
true
install_file
Chrome.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  01b7eea92bb27df73a6972f00927ba3a5989771f90052297f4027fc33e804ffd.exe
- Size
  
  6.8MB
- MD5
  
  b2b458a4d32353ea767fd85090da3cad
- SHA1
  
  7cafde34ad660df06370e8b8668fe28545d6dbf1
- SHA256
  
  01b7eea92bb27df73a6972f00927ba3a5989771f90052297f4027fc33e804ffd
- SHA512
  
  a1fb74f67bf763d1e81de1d17702ee3d967ed00288f0f68abf842346bb8dcb4e2c64b9353c6c612e3c9878348619506fbf217670d27cbe63526a44041264fe11
- SSDEEP
  
  196608:qbce1Juq1YCnUAP6fVJEsspI2jzuTRzzcc2YwForrrrNrrrrrprrrrXrrrrrHrrE:qAou0Y7ASfV6qfwt
Score

10^/10

asyncrat mailru rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratmailrurat

behavioral2

asyncratmailrurat