asyncrat | 60071c6368126a49461b2bb1b53c0a3547150c045a75363ee2c6ee038fa3ca48 | Triage

Sharing

General

Target

66e220b33b24bec99a124bf81f5cbee1.bin
Size

22KB
Sample

240729-c972pstcqg
MD5

607a766693d2c8f036aeaea63d26cf47
SHA1

dc03a7b27d67bb5d2997ad122105736d6023a6b8
SHA256

60071c6368126a49461b2bb1b53c0a3547150c045a75363ee2c6ee038fa3ca48
SHA512

2219d7d324aece27c458b28a0ba91b4b2c83dfccbcd96e81ef966ef472156790fa3059b4cf90c77c833bb95084ef647dd80f77996fad50c289179937d217117a
SSDEEP

384:TPWu6JA8Abi66PZuYuYk5nRoL9mdJvNazgucxE783ZdMQ:TPb6JA8KirPZukKRE+FK1fqzMQ

Score

10^/10

asyncrat discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
true
install_file
svchost.exe
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/bHKKgu6n

aes.plain

Targets

- Target
  
  a2b83ca2802947ffbb1b191ee1b8326d4dcbac5f4d99bbb25ba816717b50fa3c.exe
- Size
  
  45KB
- MD5
  
  66e220b33b24bec99a124bf81f5cbee1
- SHA1
  
  147c16eb7bdf357f5061d2acb28736c5d49a0bdb
- SHA256
  
  a2b83ca2802947ffbb1b191ee1b8326d4dcbac5f4d99bbb25ba816717b50fa3c
- SHA512
  
  30d753a3fe53a4db078d6479ad16f72de80a17835c30f6269edb184f40542826e4da302be370754adeb51c47e242e1f02583a327f7b7493c6c2aa8e7069eb1c3
- SSDEEP
  
  768:5uiGNTdFHLBWUZiGrmo2qrrKjGKG6PIyzjbFgX3iFV7wtzuQ66cB2bkBDZyu:5uiGNTdBR2mKYDy3bCXSX7wtzuQMySd7
Score

10^/10

asyncrat discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdiscoveryrat

behavioral2

asyncratdiscoveryrat