asyncrat | 36edf4090f6e91fdc91a9bc3ec1f94c8cabad7ee22dface2651e1f01c1730ab8 | Triage

Sharing

General

Target

36edf4090f6e91fdc91a9bc3ec1f94c8cabad7ee22dface2651e1f01c1730ab8
Size

10.0MB
Sample

240802-y82n7atfkc
MD5

6b7aeb6425309816ce65f2108e52905a
SHA1

ccf1c022af31320e924739ea194bf31178a3fe9a
SHA256

36edf4090f6e91fdc91a9bc3ec1f94c8cabad7ee22dface2651e1f01c1730ab8
SHA512

4fecd428998c5fa0d0f8a709784150c6a0d4cd463936e4164fd3caeaa12363b3cf1129fa29233ce066510683fa0efd9acdb222473ee7e3406c2a246ceccacc01
SSDEEP

49152:YDzPnpt41VxiQFl60I4fbWgi2FJq3AhnY4F/HKx3/:4Ppt41HiylHnTqw6Kv+

Score

10^/10

asyncrat julio 31 discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

julio 31

C2

estefmedina27.duckdns.org:9090

Mutex

firewallrtfghyulgsmmkliyrefdswaqbloi

Attributes

delay
15
install
false
install_file
firewall
install_folder
%AppData%

aes.plain

Targets

- Target
  
  36edf4090f6e91fdc91a9bc3ec1f94c8cabad7ee22dface2651e1f01c1730ab8
- Size
  
  10.0MB
- MD5
  
  6b7aeb6425309816ce65f2108e52905a
- SHA1
  
  ccf1c022af31320e924739ea194bf31178a3fe9a
- SHA256
  
  36edf4090f6e91fdc91a9bc3ec1f94c8cabad7ee22dface2651e1f01c1730ab8
- SHA512
  
  4fecd428998c5fa0d0f8a709784150c6a0d4cd463936e4164fd3caeaa12363b3cf1129fa29233ce066510683fa0efd9acdb222473ee7e3406c2a246ceccacc01
- SSDEEP
  
  49152:YDzPnpt41VxiQFl60I4fbWgi2FJq3AhnY4F/HKx3/:4Ppt41HiylHnTqw6Kv+
Score

10^/10

asyncrat julio 31 discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratjulio 31discoverypersistencerat

behavioral2

asyncratjulio 31discoverypersistencerat