asyncrat | 61833e4934a1f4ca8c8465ae6ec5112f4a92b59a2e67f0767e31bc7390f55099 | Triage

Sharing

General

Target

download.exe
Size

65KB
Sample

240803-vx4smavbpd
MD5

97e2a799af6730778022e3860f838df4
SHA1

6553253c30e5cb7d9fa19fa4e05543ca6305e848
SHA256

61833e4934a1f4ca8c8465ae6ec5112f4a92b59a2e67f0767e31bc7390f55099
SHA512

dada8b74d68fcd4d53d87dd9a75efb44e0939606d1e6b1ac095e978a32268c1e71c4005ab7bbe05349c7efcbc616caf1041960f99cd75acbbe9ab440a0400944
SSDEEP

1536:02AZkvF1ISlC2OAaZtF/HSRRUysfnwV6JxMbXc6Wb50MEOAoZLhWkoLtqRISLWcx:026kvF1IRysfnwV6J2oJb5fE9cW/L4Rb

Score

10^/10

asyncrat default discovery rat spyware stealer

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

grogrogrogro.ddnsgeek.com:4444

Mutex

AsyncMutex_6SI8OWDAW

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  download.exe
- Size
  
  65KB
- MD5
  
  97e2a799af6730778022e3860f838df4
- SHA1
  
  6553253c30e5cb7d9fa19fa4e05543ca6305e848
- SHA256
  
  61833e4934a1f4ca8c8465ae6ec5112f4a92b59a2e67f0767e31bc7390f55099
- SHA512
  
  dada8b74d68fcd4d53d87dd9a75efb44e0939606d1e6b1ac095e978a32268c1e71c4005ab7bbe05349c7efcbc616caf1041960f99cd75acbbe9ab440a0400944
- SSDEEP
  
  1536:02AZkvF1ISlC2OAaZtF/HSRRUysfnwV6JxMbXc6Wb50MEOAoZLhWkoLtqRISLWcx:026kvF1IRysfnwV6J2oJb5fE9cW/L4Rb
Score

10^/10

asyncrat default discovery rat spyware stealer
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryratspywarestealer

behavioral2

asyncratdefaultdiscoveryratspywarestealer