asyncrat | da8db952d42f91632429fd3759e0bb3e33f5ed22bc317675eea6ac6b51981814 | Triage

Sharing

General

Target

AsyncClient.exe
Size

47KB
Sample

240716-x39l6swenr
MD5

1ea406daa37b374e05e72266b4dbf69d
SHA1

3fb422e15a57dc66f3f50e14640888cf60cf5a69
SHA256

da8db952d42f91632429fd3759e0bb3e33f5ed22bc317675eea6ac6b51981814
SHA512

ae70490947f11e50a4069a0295040e1b61d19a1845454a8978f907a7aa29de31be5726a0183b17fc4511dbd8bd9d98fb7c97493ee7e756e7997d4566b9454ec3
SSDEEP

768:kuifo9Tg4xr5WUx9tDmo2qr/QVxwfiRTSPIHIfZh0bhDS31wuvSALlG6BLodGcBo:kuqo9Tg+L2nwmT7HIB2bhDSzqAxj9olo

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

Jamalhacker-55716.portmap.host:55716

Mutex

Px6vesn1b0HA

Attributes

delay
3
install
true
install_file
Windows pro.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  AsyncClient.exe
- Size
  
  47KB
- MD5
  
  1ea406daa37b374e05e72266b4dbf69d
- SHA1
  
  3fb422e15a57dc66f3f50e14640888cf60cf5a69
- SHA256
  
  da8db952d42f91632429fd3759e0bb3e33f5ed22bc317675eea6ac6b51981814
- SHA512
  
  ae70490947f11e50a4069a0295040e1b61d19a1845454a8978f907a7aa29de31be5726a0183b17fc4511dbd8bd9d98fb7c97493ee7e756e7997d4566b9454ec3
- SSDEEP
  
  768:kuifo9Tg4xr5WUx9tDmo2qr/QVxwfiRTSPIHIfZh0bhDS31wuvSALlG6BLodGcBo:kuqo9Tg+L2nwmT7HIB2bhDSzqAxj9olo
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat