asyncrat | 7c991793d6d9d1b21496bfd5867fc3d991a5f0f5013c0733ab57b2ac89f00a10 | Triage

Sharing

General

Target

2dbacaa402f62d628a0177d2aabdb9e6_JaffaCakes118
Size

45KB
Sample

240729-aqvadsxfph
MD5

2dbacaa402f62d628a0177d2aabdb9e6
SHA1

eb3eb09ee98c1b7e00e69d64b1f3c841cb8089f7
SHA256

7c991793d6d9d1b21496bfd5867fc3d991a5f0f5013c0733ab57b2ac89f00a10
SHA512

2ec3d990000d492f1b6b0f502b49c10541c99772c883de1aed4161c08d5cd33ff2b673f815675e6bac665c5e86516a5f24794a5ad095774ce5f2b50b4a8d0f5a
SSDEEP

768:wu/JRToSkobbWUnWCimo2qBrKjGKG6PIyzjbFgX3idBA19Gd5MNABDZ6x:wu/JRT3T82MKYDy3bCXSoUd6x

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

fsft.p-e.kr:1

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2dbacaa402f62d628a0177d2aabdb9e6_JaffaCakes118
- Size
  
  45KB
- MD5
  
  2dbacaa402f62d628a0177d2aabdb9e6
- SHA1
  
  eb3eb09ee98c1b7e00e69d64b1f3c841cb8089f7
- SHA256
  
  7c991793d6d9d1b21496bfd5867fc3d991a5f0f5013c0733ab57b2ac89f00a10
- SHA512
  
  2ec3d990000d492f1b6b0f502b49c10541c99772c883de1aed4161c08d5cd33ff2b673f815675e6bac665c5e86516a5f24794a5ad095774ce5f2b50b4a8d0f5a
- SSDEEP
  
  768:wu/JRToSkobbWUnWCimo2qBrKjGKG6PIyzjbFgX3idBA19Gd5MNABDZ6x:wu/JRT3T82MKYDy3bCXSoUd6x
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat