asyncrat | 78b456a1aa4a53349336a991a107727c635bdbaa29ea6206964a28b781b19fd7 | Triage

Sharing

General

Target

a9da9c7246874c63c7ffe6eb591b0df2_JaffaCakes118
Size

550KB
Sample

240819-gpj7csxfqg
MD5

a9da9c7246874c63c7ffe6eb591b0df2
SHA1

074659f935fec38036899d3fa862292f347c732e
SHA256

78b456a1aa4a53349336a991a107727c635bdbaa29ea6206964a28b781b19fd7
SHA512

4ae8db88e5bfec1f6a5008e003e72d21d00467161bd60674055a938a5775c9ee909a269a949713fa9cf2fd9476234a651279f57107ac5ac8f91fd2703607df07
SSDEEP

12288:2ucUSPMxbcHmoOYQhqs2VUlmA0VdYVxK:SU8MxYHTQhqs2T

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

195.174.142.168:4784

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  a9da9c7246874c63c7ffe6eb591b0df2_JaffaCakes118
- Size
  
  550KB
- MD5
  
  a9da9c7246874c63c7ffe6eb591b0df2
- SHA1
  
  074659f935fec38036899d3fa862292f347c732e
- SHA256
  
  78b456a1aa4a53349336a991a107727c635bdbaa29ea6206964a28b781b19fd7
- SHA512
  
  4ae8db88e5bfec1f6a5008e003e72d21d00467161bd60674055a938a5775c9ee909a269a949713fa9cf2fd9476234a651279f57107ac5ac8f91fd2703607df07
- SSDEEP
  
  12288:2ucUSPMxbcHmoOYQhqs2VUlmA0VdYVxK:SU8MxYHTQhqs2T
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat