asyncrat | 8912a860fea905932645a87fb22455057e7fee4aa6f64a3cf0a2ef28e810f6ae | Triage

Sharing

General

Target

8912a860fea905932645a87fb22455057e7fee4aa6f64a3cf0a2ef28e810f6ae
Size

3.9MB
Sample

240711-2jsxjazcnb
MD5

c8de9399c22a91d81bc9ecbe502556c1
SHA1

5c70471cb9b4278052561db539b2004fa02b2e90
SHA256

8912a860fea905932645a87fb22455057e7fee4aa6f64a3cf0a2ef28e810f6ae
SHA512

b699d636a745596591dde641f0bd4d27a7b8b98287390f39e5d61c9f1faccec975c100ec7d41176eb6536dc59cbc9258addbd69fd9014f0480d3e23f966399a9
SSDEEP

49152:JOb699GhOeeYrHhxNg0Dobuh9CY501gFji3o8SIP1qJ5+BXldQJmnt7wBHQ:L9vYrdnfsSIAJYBXlVwBw

Score

10^/10

asyncrat default execution rat

Malware Config

Extracted

Family

asyncrat

Version

0.0.1A

Botnet

Default

C2

185.216.214.217:5858

Mutex

fghre9ijuve9 juejuoirujiovijo

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  8912a860fea905932645a87fb22455057e7fee4aa6f64a3cf0a2ef28e810f6ae
- Size
  
  3.9MB
- MD5
  
  c8de9399c22a91d81bc9ecbe502556c1
- SHA1
  
  5c70471cb9b4278052561db539b2004fa02b2e90
- SHA256
  
  8912a860fea905932645a87fb22455057e7fee4aa6f64a3cf0a2ef28e810f6ae
- SHA512
  
  b699d636a745596591dde641f0bd4d27a7b8b98287390f39e5d61c9f1faccec975c100ec7d41176eb6536dc59cbc9258addbd69fd9014f0480d3e23f966399a9
- SSDEEP
  
  49152:JOb699GhOeeYrHhxNg0Dobuh9CY501gFji3o8SIP1qJ5+BXldQJmnt7wBHQ:L9vYrdnfsSIAJYBXlVwBw
Score

10^/10

execution asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultexecutionrat