asyncrat | 49e31f8fbab7da57b575da0fcab3cc4f412c922c4af95416e68134de3d743844 | Triage

Sharing

General

Target

Fructose Checker.exe
Size

9.7MB
Sample

240817-28197ssfpf
MD5

c9f3e6d590c86065a93b9a93efab2363
SHA1

035c94447fb233dc962bb9a578b2a01b9a312e8e
SHA256

49e31f8fbab7da57b575da0fcab3cc4f412c922c4af95416e68134de3d743844
SHA512

a3a951fa341b8fda94fea428ace54b119966c1243b3e6ac419323e8bb17aa1251944d4a8d6783ffd15bf4cf246dd57e00afaa49311f73d655b0ad6b63224327d
SSDEEP

196608:FtW1v4s39/4BsNYFRetQ+Ym9nLIUMBuiyObFrEUndTfyHdy2Cao7/NEeLurDRc:FmAsN/4GNY4QgLIZyMFVdfyMLJ7BLcDC

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

googl3d.ddnsking.com:8808

googl3d.ddnsking.com:8080

googl3d.ddnsking.com:7707

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
true
install_file
Runtime.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Fructose Checker.exe
- Size
  
  9.7MB
- MD5
  
  c9f3e6d590c86065a93b9a93efab2363
- SHA1
  
  035c94447fb233dc962bb9a578b2a01b9a312e8e
- SHA256
  
  49e31f8fbab7da57b575da0fcab3cc4f412c922c4af95416e68134de3d743844
- SHA512
  
  a3a951fa341b8fda94fea428ace54b119966c1243b3e6ac419323e8bb17aa1251944d4a8d6783ffd15bf4cf246dd57e00afaa49311f73d655b0ad6b63224327d
- SSDEEP
  
  196608:FtW1v4s39/4BsNYFRetQ+Ym9nLIUMBuiyObFrEUndTfyHdy2Cao7/NEeLurDRc:FmAsN/4GNY4QgLIZyMFVdfyMLJ7BLcDC
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat