asyncrat | eeefe9ece30cb5611a3a5cbf4757118a9347af52bcef9cf50e7646869acd1106 | Triage

Sharing

General

Target

eeefe9ece30cb5611a3a5cbf4757118a9347af52bcef9cf50e7646869acd1106
Size

604KB
Sample

240724-e9fzbsycnk
MD5

7106f8b0e3c1b50ac3c014c01a484f47
SHA1

893e3b52191c93deb48a8fff49b7c92e3e6daf4e
SHA256

eeefe9ece30cb5611a3a5cbf4757118a9347af52bcef9cf50e7646869acd1106
SHA512

5c185a2ce43b9b95ab8f861420347dd7a137d0838a8ce5bee1640e5d60359ad262b3c8bb15465fb432ede5daca6791abc11dcbc906b7a68a5e19e12d02fc2143
SSDEEP

12288:+7kjofC1P7zSh3njLG3KVIvBScz6gAOlkqIq:b1UG3K2wcz6Hikq

Score

10^/10

asyncrat lzmbltrn2 discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7A

Botnet

lzmbltrn2

C2

lzmbltrn24.con-ip.com:6606

Mutex

uuooxuxbnkywum

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  eeefe9ece30cb5611a3a5cbf4757118a9347af52bcef9cf50e7646869acd1106
- Size
  
  604KB
- MD5
  
  7106f8b0e3c1b50ac3c014c01a484f47
- SHA1
  
  893e3b52191c93deb48a8fff49b7c92e3e6daf4e
- SHA256
  
  eeefe9ece30cb5611a3a5cbf4757118a9347af52bcef9cf50e7646869acd1106
- SHA512
  
  5c185a2ce43b9b95ab8f861420347dd7a137d0838a8ce5bee1640e5d60359ad262b3c8bb15465fb432ede5daca6791abc11dcbc906b7a68a5e19e12d02fc2143
- SSDEEP
  
  12288:+7kjofC1P7zSh3njLG3KVIvBScz6gAOlkqIq:b1UG3K2wcz6Hikq
Score

10^/10

asyncrat lzmbltrn2 discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratlzmbltrn2discoveryrat

behavioral2

asyncratlzmbltrn2discoveryrat