asyncrat | db504171c7ece47c2ca76a9bf4343b98a4196fec57f74430729b57c180fc219a | Triage

Sharing

General

Target

db504171c7ece47c2ca76a9bf4343b98a4196fec57f74430729b57c180fc219a
Size

77KB
Sample

240818-rq7zxsxelf
MD5

8e358be8819281482ce33f1d3335a2d5
SHA1

5e787f0d977c44edd0f65be22fb996be82223603
SHA256

db504171c7ece47c2ca76a9bf4343b98a4196fec57f74430729b57c180fc219a
SHA512

3ea7d496d0806354de3da51fca9681c6a2c9b3d77d54ac5db4cc58e2d7c4334274080a990c954e3cea601385d9a0d05c4bf758d614a2f535cd69525c92cdeb82
SSDEEP

1536:5huKQkz01I8B3HqJSlb70neUI3pqKmY7:H9z0e8BGSlb7Bkz

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

v1.0.8

Botnet

Default

C2

38.91.118.194:7415

Mutex

qccopvsmryslxi

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  db504171c7ece47c2ca76a9bf4343b98a4196fec57f74430729b57c180fc219a
- Size
  
  77KB
- MD5
  
  8e358be8819281482ce33f1d3335a2d5
- SHA1
  
  5e787f0d977c44edd0f65be22fb996be82223603
- SHA256
  
  db504171c7ece47c2ca76a9bf4343b98a4196fec57f74430729b57c180fc219a
- SHA512
  
  3ea7d496d0806354de3da51fca9681c6a2c9b3d77d54ac5db4cc58e2d7c4334274080a990c954e3cea601385d9a0d05c4bf758d614a2f535cd69525c92cdeb82
- SSDEEP
  
  1536:5huKQkz01I8B3HqJSlb70neUI3pqKmY7:H9z0e8BGSlb7Bkz
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat