asyncrat | e75f0b253a7a1fbd89b3e4a6d8557bcf82f5ab768daedb3087f76f7df7da96fb | Triage

Resubmissions

12-07-2024 05:08

240712-fsxfesscla 10

Sharing

General

Target

teste.exe
Size

45KB
Sample

240712-fsxfesscla
MD5

39fb1441dd20fb5ab770e846469c92be
SHA1

0207009a6763ad9616cf05405fab459ee98239a2
SHA256

e75f0b253a7a1fbd89b3e4a6d8557bcf82f5ab768daedb3087f76f7df7da96fb
SHA512

0f550b604ba4df6f6581a940ddd9bd569d546d2a62559859f56109b4ad33f0785b28f042c9f95f82c8ad001b2114e832939d6e909bd9a42b286f2418e176279d
SSDEEP

768:JuyCNTAoZjRWUJd9bmo2qLNmJ5G61cPInzjbUgX3ijbHHLsvr5BDZmx:JuyCNTAGL2omDDhn3b7XSfH8rndmx

Score

10^/10

asyncrat niggers rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Niggers

Mutex

QbwNF2xUAg1m

Attributes

delay
3
install
false
install_file
updater.exe
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/Hbm5qNCB

aes.plain

Targets

- Target
  
  teste.exe
- Size
  
  45KB
- MD5
  
  39fb1441dd20fb5ab770e846469c92be
- SHA1
  
  0207009a6763ad9616cf05405fab459ee98239a2
- SHA256
  
  e75f0b253a7a1fbd89b3e4a6d8557bcf82f5ab768daedb3087f76f7df7da96fb
- SHA512
  
  0f550b604ba4df6f6581a940ddd9bd569d546d2a62559859f56109b4ad33f0785b28f042c9f95f82c8ad001b2114e832939d6e909bd9a42b286f2418e176279d
- SSDEEP
  
  768:JuyCNTAoZjRWUJd9bmo2qLNmJ5G61cPInzjbUgX3ijbHHLsvr5BDZmx:JuyCNTAGL2omDDhn3b7XSfH8rndmx
Score

10^/10

asyncrat niggers rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Deletes itself
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

ratniggersasyncrat

behavioral1

asyncratniggersrat

behavioral2

asyncratniggersrat