asyncrat | c603849b79b5472bf8733f8c5d7f39bd886e6ce3d61b3cc7d7b4278e3a599802 | Triage

Sharing

General

Target

c603849b79b5472bf8733f8c5d7f39bd886e6ce3d61b3cc7d7b4278e3a599802.exe
Size

1.2MB
Sample

240811-byncgsyejr
MD5

2f528c70be4abd7138859b6fa0990b3e
SHA1

a917e6ab7b5a2ead8fd23829678db650fef60b46
SHA256

c603849b79b5472bf8733f8c5d7f39bd886e6ce3d61b3cc7d7b4278e3a599802
SHA512

a408c3af7a5942bc415727c40d5ed0b4569b48937d65871ddaf1ab458fb6566a36f7114c758b34bdb237e6d1f6c9d74755a4ff53a88da20e31e353689739e933
SSDEEP

24576:/jAAahFflN4/3qqDZykMnAN4V4JeR7tluqCo94Z:cxDNKuABUxjuHom

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6D

Botnet

Default

C2

seznam.zapto.org:6606

seznam.zapto.org:7707

seznam.zapto.org:8808

Mutex

tpfypmaupoo

Attributes

delay
5
install
true
install_file
microosofte.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  c603849b79b5472bf8733f8c5d7f39bd886e6ce3d61b3cc7d7b4278e3a599802.exe
- Size
  
  1.2MB
- MD5
  
  2f528c70be4abd7138859b6fa0990b3e
- SHA1
  
  a917e6ab7b5a2ead8fd23829678db650fef60b46
- SHA256
  
  c603849b79b5472bf8733f8c5d7f39bd886e6ce3d61b3cc7d7b4278e3a599802
- SHA512
  
  a408c3af7a5942bc415727c40d5ed0b4569b48937d65871ddaf1ab458fb6566a36f7114c758b34bdb237e6d1f6c9d74755a4ff53a88da20e31e353689739e933
- SSDEEP
  
  24576:/jAAahFflN4/3qqDZykMnAN4V4JeR7tluqCo94Z:cxDNKuABUxjuHom
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat