asyncrat | b0f6c6800ac04efd9d64be26677676b25e1638e8e140c1129c704380d4deac8b | Triage

Sharing

General

Target

b0f6c6800ac04efd9d64be26677676b25e1638e8e140c1129c704380d4deac8b
Size

47KB
Sample

240714-xxq8msvglc
MD5

305565f477f37de109333ccd3462cbd9
SHA1

2d284a889e3e9b205210611d18b30002bad03741
SHA256

b0f6c6800ac04efd9d64be26677676b25e1638e8e140c1129c704380d4deac8b
SHA512

436f720464ea21b6584789b9d3d48efc6a476f79ce16ea9168c8e53df2a722c82409eb4a7e2d8eafdac9dd0c614864f2d6c23bafcf04b0a4b381c1aa04eb65b6
SSDEEP

768:Iu2z1T1tMfdWUdLO3mo2qz1zVkWUzbPI1E9HpA0bX0EAjE8qOqjuoRIGsGSZBDZa:Iu2z1T1y22ykWUzk1MHhbXddXhjuo0Gt

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

192.168.1.89:6606

192.168.1.89:7707

192.168.1.89:8808

192.168.1.1:6606

192.168.1.1:7707

192.168.1.1:8808

71.93.221.109:6606

71.93.221.109:7707

71.93.221.109:8808

Mutex

K9wQVBDAbpUd

Attributes

delay
3
install
false
install_file
Tempp.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  b0f6c6800ac04efd9d64be26677676b25e1638e8e140c1129c704380d4deac8b
- Size
  
  47KB
- MD5
  
  305565f477f37de109333ccd3462cbd9
- SHA1
  
  2d284a889e3e9b205210611d18b30002bad03741
- SHA256
  
  b0f6c6800ac04efd9d64be26677676b25e1638e8e140c1129c704380d4deac8b
- SHA512
  
  436f720464ea21b6584789b9d3d48efc6a476f79ce16ea9168c8e53df2a722c82409eb4a7e2d8eafdac9dd0c614864f2d6c23bafcf04b0a4b381c1aa04eb65b6
- SSDEEP
  
  768:Iu2z1T1tMfdWUdLO3mo2qz1zVkWUzbPI1E9HpA0bX0EAjE8qOqjuoRIGsGSZBDZa:Iu2z1T1y22ykWUzk1MHhbXddXhjuo0Gt
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat