asyncrat | c72c02aa10e6609c29969f89b655aa99c7416aa87b391cf877fb1d31982bab66 | Triage

Sharing

General

Target

c72c02aa10e6609c29969f89b655aa99c7416aa87b391cf877fb1d31982bab66.exe
Size

66KB
Sample

240726-gm3wpazfjk
MD5

433bf8f02605fcf30d63ee99f94be057
SHA1

740c51573e09c20ea99054cde34eff26512c37a9
SHA256

c72c02aa10e6609c29969f89b655aa99c7416aa87b391cf877fb1d31982bab66
SHA512

75c5ba92e8a550838f2810f016ab22fb60e4e6005f141ade5d968e888e8c05ad9828b1c723cacb346991dddb20c5c49d7cf4b2e3451707f6b9293e1b58992d2d
SSDEEP

1536:YKh54k58k/GWZOKuvUYF9ebF0ruhDbC0mvCMJurITGy/:YK/4k58kAKuvUYF9ebSruxbCjJuOh/

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

story-pl.gl.at.ply.gg:13978

Mutex

dsopfkpsdgkspohspog-0p

Attributes

delay
3
install
true
install_file
svchost.exe
install_folder
%Temp%

aes.plain

Targets

- Target
  
  c72c02aa10e6609c29969f89b655aa99c7416aa87b391cf877fb1d31982bab66.exe
- Size
  
  66KB
- MD5
  
  433bf8f02605fcf30d63ee99f94be057
- SHA1
  
  740c51573e09c20ea99054cde34eff26512c37a9
- SHA256
  
  c72c02aa10e6609c29969f89b655aa99c7416aa87b391cf877fb1d31982bab66
- SHA512
  
  75c5ba92e8a550838f2810f016ab22fb60e4e6005f141ade5d968e888e8c05ad9828b1c723cacb346991dddb20c5c49d7cf4b2e3451707f6b9293e1b58992d2d
- SSDEEP
  
  1536:YKh54k58k/GWZOKuvUYF9ebF0ruhDbC0mvCMJurITGy/:YK/4k58kAKuvUYF9ebSruxbCjJuOh/
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat