asyncrat | ed88b5c4a8be75f5da0400817a9514bdcb38e602aa3fe463d39cec523dcd3268 | Triage

Sharing

General

Target

ed88b5c4a8be75f5da0400817a9514bdcb38e602aa3fe463d39cec523dcd3268
Size

6.7MB
Sample

240724-2txcpsvfme
MD5

da0f823b67bc093b75d381f2a105ecb6
SHA1

11e82222f4070fbadc8c4c2f194ba65d9fa60ac5
SHA256

ed88b5c4a8be75f5da0400817a9514bdcb38e602aa3fe463d39cec523dcd3268
SHA512

3d2986bf2b9d6fc9c7251934f68eab8995dc33b1cf3886c2360afebdc2f9f35a088a2e0d92002a3c225a07095a5213677df78a4bf95ed77842d98a998b1e1016
SSDEEP

196608:DLG4AO4eQBfDvBensLKd5rT0VjJ4azKIwI5CyrL7RkIXf0h:DygDQBjBGTAjJ4aXBrL7RkIX4

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

melo2024.kozow.com:8000

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_file
AnsyFelix
install_folder
%AppData%

aes.plain

Targets

- Target
  
  01-CITACION DEMANDA EN SU CONTRA -JUZGADO PENAL 01 CIRCUITO ESPECIALIZADO EXTINXION-01/01 NOTIFICACION DEMANDA..exe
- Size
  
  2.3MB
- MD5
  
  5d52ef45b6e5bf144307a84c2af1581b
- SHA1
  
  414a899ec327d4a9daa53983544245b209f25142
- SHA256
  
  26a24d3b0206c6808615c7049859c2fe62c4dcd87e7858be40ae8112b0482616
- SHA512
  
  458f47c1e4ccf41edaacc57abb663ee77ca098fffc596fad941bbdea67653aeabc79b34d607078b9ee5adb45614e26f5c28a09e8faf9532081fdd5dec9ac3c48
- SSDEEP
  
  49152:DzO+g39FbI0eQf/Z3CarWedoYAmXviDTMtT2wkqN5K:DzO19Fnf/hdoYAm9ZkqN5K
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  01-CITACION DEMANDA EN SU CONTRA -JUZGADO PENAL 01 CIRCUITO ESPECIALIZADO EXTINXION-01/winrar-x64-701es.exe
- Size
  
  3.9MB
- MD5
  
  6fd5d917d1afca88894bf84c93e31aa3
- SHA1
  
  39f4cebfa25f2b8b8ce09adead8beaec2bbfb332
- SHA256
  
  f5a13bb8f154db80fd9ebf38381f320dbc9741596eb6b910a18fe538dcf3a87f
- SHA512
  
  694989d8e75d7e15845ee7ce24473bacb072fcd4db3778334eafe8310007c1cad1315db41c92d6eeee22cc9390947435d0f1e3381796804a0d411271b2e36d17
- SSDEEP
  
  98304:KNRBOBfKGpFuQEluc/lFr/t+F5pu3s38rhG2XbFJYodwAg/dA8:cR/IFulVFMF5cY842XzYodwAW
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat

behavioral3

behavioral4