asyncrat | 07a52fffea40d1ab33c0761da4e7377ed56bc7103d980428560d88df1288374b | Triage

Sharing

General

Target

14fc31d57e9189208d2f85ecc41ecef9_JaffaCakes118
Size

171KB
Sample

240728-mmnpnawbra
MD5

14fc31d57e9189208d2f85ecc41ecef9
SHA1

b8fa227f2d069e0c07582ccc73bd2b12ad5ce561
SHA256

07a52fffea40d1ab33c0761da4e7377ed56bc7103d980428560d88df1288374b
SHA512

f530654a8cd9a49d247232b50f8961fbf8e8295e6cba4cc6c6c901b5e35dd41ad8decd21a31c70151c58ac8222c8444751005fb72db315009388b889437b80ef
SSDEEP

3072:/qDvht07yeW0Vqi8+WNEHj+ocJGjLOlqh0XYDS/za:/qDZt0WeW0VZIKjOGjLHh0XYDS/

Score

10^/10

asyncrat discovery execution rat

Malware Config

Targets

- Target
  
  14fc31d57e9189208d2f85ecc41ecef9_JaffaCakes118
- Size
  
  171KB
- MD5
  
  14fc31d57e9189208d2f85ecc41ecef9
- SHA1
  
  b8fa227f2d069e0c07582ccc73bd2b12ad5ce561
- SHA256
  
  07a52fffea40d1ab33c0761da4e7377ed56bc7103d980428560d88df1288374b
- SHA512
  
  f530654a8cd9a49d247232b50f8961fbf8e8295e6cba4cc6c6c901b5e35dd41ad8decd21a31c70151c58ac8222c8444751005fb72db315009388b889437b80ef
- SSDEEP
  
  3072:/qDvht07yeW0Vqi8+WNEHj+ocJGjLOlqh0XYDS/za:/qDZt0WeW0VZIKjOGjLHh0XYDS/
Score

10^/10

discovery execution asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2

asyncratdiscoveryexecutionrat