asyncrat | 4e6ae5fd4a54e6497b36ef81536f9c1f94f11cf13b164dec4d466feb0ea2d262 | Triage

Submit
Reports

Overview

overview

Static

static

3

ExtremeDumper-x64.exe

windows7-x64

ExtremeDumper-x64.exe

windows10-2004-x64

Sharing

General

Target

ExtremeDumper-x64.exe
Size

1.7MB
Sample

240727-dlm73atbnr
MD5

d80005f7cff14a06d50cb6d363fdf2e9
SHA1

74ed3f842c6ae54a647c5af5fa9456e9c19b9cc5
SHA256

4e6ae5fd4a54e6497b36ef81536f9c1f94f11cf13b164dec4d466feb0ea2d262
SHA512

6679fe68ae7478c00a9ff4948eee7bf36ab7004ae3afd888fccba7b88df493504876afa48ed55e4163c235808c5fa67d4ef30f132bb5d88c7bc1c42196aa86ae
SSDEEP

49152:peBSdEv60XsKmSE02hrzFqVRqnc2vbu3:6jv5TRM1nc2ju

Score

10^/10

asyncrat 1 discovery rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ExtremeDumper-x64.exe

Resource

win7-20240704-en

asyncrat 1 discovery rat

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ExtremeDumper-x64.exe

Resource

win10v2004-20240709-en

asyncrat 1 discovery rat

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

1

C2

paris-itself.gl.at.ply.gg:49485

147.185.221.20:49485

Mutex

DAC4G8C1tEM2

Attributes

delay
3
install
true
install_file
System.exe
install_folder
%Temp%

aes.plain

Targets

- Target
  
  ExtremeDumper-x64.exe
- Size
  
  1.7MB
- MD5
  
  d80005f7cff14a06d50cb6d363fdf2e9
- SHA1
  
  74ed3f842c6ae54a647c5af5fa9456e9c19b9cc5
- SHA256
  
  4e6ae5fd4a54e6497b36ef81536f9c1f94f11cf13b164dec4d466feb0ea2d262
- SHA512
  
  6679fe68ae7478c00a9ff4948eee7bf36ab7004ae3afd888fccba7b88df493504876afa48ed55e4163c235808c5fa67d4ef30f132bb5d88c7bc1c42196aa86ae
- SSDEEP
  
  49152:peBSdEv60XsKmSE02hrzFqVRqnc2vbu3:6jv5TRM1nc2ju
Score

10^/10

asyncrat 1 discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncrat1discoveryrat

behavioral2

asyncrat1discoveryrat

© 2018-2024

Terms | Privacy