asyncrat | f2c4cd188a316d854f83b1310a637218de6fbe931d43215a18f55ecc7a0a4ea1 | Triage

Sharing

General

Target

2024-07-23_3cc976262c6a13d87cbb4aa4c0c8d858_magniber
Size

5.7MB
Sample

240723-avsx5axgjq
MD5

3cc976262c6a13d87cbb4aa4c0c8d858
SHA1

4bd1d3dc98866aeecf2c5288b2327e4e099601f7
SHA256

f2c4cd188a316d854f83b1310a637218de6fbe931d43215a18f55ecc7a0a4ea1
SHA512

f0f49c992dedb0fc4fba50dfe9b1de1871a5c3a63912383611b174214c398fcdcc75dfe2bbb70147254d91ccf9b5012e1d81107f3c33e69400ed39ab8e188c3d
SSDEEP

98304:caF+f/g0GlqoYZGX+5dRl2cZI0V7zkJ+djJALokUebxVGqCaJq0mgYJga:XF+3g0IQHdPtjOLokUebxVGqQGYJl

Score

10^/10

asyncrat julio 18 persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

JULIO 18

C2

rafaborre27.duckdns.org:5050

Mutex

windowsgsdafewrtsudifhrtdiwondhdg

Attributes

delay
10
install
false
install_file
windowsdefender
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2024-07-23_3cc976262c6a13d87cbb4aa4c0c8d858_magniber
- Size
  
  5.7MB
- MD5
  
  3cc976262c6a13d87cbb4aa4c0c8d858
- SHA1
  
  4bd1d3dc98866aeecf2c5288b2327e4e099601f7
- SHA256
  
  f2c4cd188a316d854f83b1310a637218de6fbe931d43215a18f55ecc7a0a4ea1
- SHA512
  
  f0f49c992dedb0fc4fba50dfe9b1de1871a5c3a63912383611b174214c398fcdcc75dfe2bbb70147254d91ccf9b5012e1d81107f3c33e69400ed39ab8e188c3d
- SSDEEP
  
  98304:caF+f/g0GlqoYZGX+5dRl2cZI0V7zkJ+djJALokUebxVGqCaJq0mgYJga:XF+3g0IQHdPtjOLokUebxVGqQGYJl
Score

10^/10

asyncrat julio 18 persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratjulio 18persistencerat

behavioral2

asyncratjulio 18persistencerat