asyncrat | 196179f67d68cce7bfeac16afb4c31acfc881572b307a61764523f90be84b043 | Triage

Sharing

General

Target

faggotkiller.exe
Size

6.7MB
Sample

240817-bh7fes1hjr
MD5

867aaa72c0458edbf0c4bdb658bb5377
SHA1

671f96b68eb6844568c2bf230f86e4cd14cf8ff4
SHA256

196179f67d68cce7bfeac16afb4c31acfc881572b307a61764523f90be84b043
SHA512

18171a069ac194777d9081b8e27a9a0ad13f14772085f346bc88a327e413590ef57d229976781744d2d28cb39cbda9ac01e4230bef1cc4ab9aaace7bbae51c23
SSDEEP

196608:mQhDRABoDVISzwVXinBrsvV5CnYSwUrA5wObjz:thDRVDV54KsbCYS3rAaObn

Score

10^/10

asyncrat 1337 discovery rat

Malware Config

Extracted

Family

asyncrat

Version

hookRAT / private

Botnet

1337

C2

147.185.221.16:56793

Mutex

2jepz68ISJs0

Attributes

delay
3
install
false
install_file
Update.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  faggotkiller.exe
- Size
  
  6.7MB
- MD5
  
  867aaa72c0458edbf0c4bdb658bb5377
- SHA1
  
  671f96b68eb6844568c2bf230f86e4cd14cf8ff4
- SHA256
  
  196179f67d68cce7bfeac16afb4c31acfc881572b307a61764523f90be84b043
- SHA512
  
  18171a069ac194777d9081b8e27a9a0ad13f14772085f346bc88a327e413590ef57d229976781744d2d28cb39cbda9ac01e4230bef1cc4ab9aaace7bbae51c23
- SSDEEP
  
  196608:mQhDRABoDVISzwVXinBrsvV5CnYSwUrA5wObjz:thDRVDV54KsbCYS3rAaObn
Score

10^/10

asyncrat 1337 discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncrat1337discoveryrat