asyncrat | 21110b3fea3acb08b2473cd1ab0cc419ca0abfb1a9d49e380eb2d78bc80b020f | Triage

Sharing

General

Target

n.exe
Size

58KB
Sample

240727-memsdsxbjf
MD5

45f751b95f8f7b7109037d93c31dca94
SHA1

5c206b274e942fb3eb3242a3ba7cb83ca7c8b3bc
SHA256

21110b3fea3acb08b2473cd1ab0cc419ca0abfb1a9d49e380eb2d78bc80b020f
SHA512

be072dce776158d27069eb96d9332e62bb761823e3e158083f64304879fc00d538b1bfa78d4ed55efb50c5630f043501da58923d7d5f30c1e26d9f52cea878a0
SSDEEP

1536:tEKEJoIoSSTTRBfHiCvSbidURpD8kXYFvf+:2Kmo3tBlSbieRXYVm

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

SuperBoo Rat v1.1

Botnet

Default

C2

127.0.0.1:1337

127.0.0.1:5552

127.0.0.1:6703

le-pencil.gl.at.ply.gg:1337

le-pencil.gl.at.ply.gg:5552

le-pencil.gl.at.ply.gg:6703

Mutex

SuperBoo_mtex_920393

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  n.exe
- Size
  
  58KB
- MD5
  
  45f751b95f8f7b7109037d93c31dca94
- SHA1
  
  5c206b274e942fb3eb3242a3ba7cb83ca7c8b3bc
- SHA256
  
  21110b3fea3acb08b2473cd1ab0cc419ca0abfb1a9d49e380eb2d78bc80b020f
- SHA512
  
  be072dce776158d27069eb96d9332e62bb761823e3e158083f64304879fc00d538b1bfa78d4ed55efb50c5630f043501da58923d7d5f30c1e26d9f52cea878a0
- SSDEEP
  
  1536:tEKEJoIoSSTTRBfHiCvSbidURpD8kXYFvf+:2Kmo3tBlSbieRXYVm
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat