asyncrat | c42ca7e0ce3957b35e9cf2446ebcb7d008e3ceb362d6a6fc16377b7710c16514 | Triage

Sharing

General

Target

Solicitud-00002320012454100.xz
Size

1.5MB
Sample

240725-tedcaascld
MD5

e3546c9971b02f17644002a43903694f
SHA1

eb0ad8f09bd4792c90a24b838f775857dfdeef20
SHA256

c42ca7e0ce3957b35e9cf2446ebcb7d008e3ceb362d6a6fc16377b7710c16514
SHA512

48a80b89622214cb3fbfa5b7250291105132f33d4a7a919a8e1c17d81e34d01bd3d0a17a7f1c95123f07ad394207477428d473ce2126b445874c072fe26a7d21
SSDEEP

49152:ng5Vj8jCnF+V2NBdoCIv+QanpGMDCjjFQM:Ej8jCF+V4oCCSnQMDCnFd

Score

10^/10

asyncrat enviojulio discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

ENVIOJULIO

C2

hiperconection.duckdns.org:3030

Mutex

PRMBSRGT0kqWhLMuk3qtRg

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Solicitud-00002320012454100.exe
- Size
  
  3.8MB
- MD5
  
  cf388a1574805e6b2e1b96c078d8fce7
- SHA1
  
  26b0a1dfb9f093b0c3cabd6cfed4e8d066b04f1c
- SHA256
  
  db053aafcb1565ca81c3f760716f0e89a25afccaa3027f6ba712a1ef32bb9b35
- SHA512
  
  1d1bd3b02fba34f5bb63441b45245a3a78fd2932aa5fc29cca5f4fd2401dd938a26b7d125d2da8faea8fedca1b460ce22dad77d2866c4b5964deb6a86daee47a
- SSDEEP
  
  98304:wmJVD97VAOltrWJP8SDUTYAA56RoeXN3cJvPd4Fm0fP0j:wmJ7hAatrWJP8S+YAfSkN+vPji0j
Score

10^/10

asyncrat enviojulio discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratenviojuliodiscoverypersistencerat

behavioral2