asyncrat | 24fa23a1908d5afe4a323872a2df703ecdc1fe033d321423c6c60f983d8d1f6e | Triage

Sharing

General

Target

AsyncClient.exe
Size

45KB
Sample

240808-b8t8saxgrp
MD5

2f0206e9dd15d9dccb2ecf93e7cf8ce8
SHA1

48223ea372b29b082e8f44c610ffc0edd88ed2ae
SHA256

24fa23a1908d5afe4a323872a2df703ecdc1fe033d321423c6c60f983d8d1f6e
SHA512

0790798f4a11cbf09c2a1dc74ef92c1b2f84c3b659efec9df9099a1eaab9c6a00c430c8316aaefa94da206b589741c45e7f0bf56cd3b58e8e43f8a8130ff8160
SSDEEP

768:puwpFTAY3IQWUe9jqmo2qLoKjPGaG6PIyzjbFgX3i+7Qs0M48wDdOTwBDZ6x:puwpFTA4/2xKTkDy3bCXS+cs07tgmd6x

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

ZC7aTuQsZ3YU

Attributes

delay
3
install
true
install_file
new rat.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  AsyncClient.exe
- Size
  
  45KB
- MD5
  
  2f0206e9dd15d9dccb2ecf93e7cf8ce8
- SHA1
  
  48223ea372b29b082e8f44c610ffc0edd88ed2ae
- SHA256
  
  24fa23a1908d5afe4a323872a2df703ecdc1fe033d321423c6c60f983d8d1f6e
- SHA512
  
  0790798f4a11cbf09c2a1dc74ef92c1b2f84c3b659efec9df9099a1eaab9c6a00c430c8316aaefa94da206b589741c45e7f0bf56cd3b58e8e43f8a8130ff8160
- SSDEEP
  
  768:puwpFTAY3IQWUe9jqmo2qLoKjPGaG6PIyzjbFgX3i+7Qs0M48wDdOTwBDZ6x:puwpFTA4/2xKTkDy3bCXS+cs07tgmd6x
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat