asyncrat | 53d7e05f1840e1a7098d250d930a11781c1201fcf6fc3af859d4b7f37312a0dc | Triage

Sharing

General

Target

53d7e05f1840e1a7098d250d930a11781c1201fcf6fc3af859d4b7f37312a0dc
Size

3.3MB
Sample

240819-v3v3ns1bkk
MD5

47d2c9fdce8b254746b126aa16d02297
SHA1

c057b76b02b47547a97596724c072d3cf570c4b6
SHA256

53d7e05f1840e1a7098d250d930a11781c1201fcf6fc3af859d4b7f37312a0dc
SHA512

f70c16ebb3e7e65d1ea52e29bd34a930e9e96b726c7d703899544fce3f3c819ec9602765e2c8b463390c11c1bcb87b20f1e641702f3bf4f69a75b6e88267ed34
SSDEEP

24576:lAy3Kl2T0bvAbndFFHCQIKFjh629ne5nX5uvuUO:lAiKl2TqgndFFHCQIKFjh62v5O

Score

10^/10

asyncrat default execution rat upx

Malware Config

Extracted

Family

asyncrat

Version

v1.0.7

Botnet

Default

C2

124.248.65.227:7415

Mutex

pmfiqqijbzlzb

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  53d7e05f1840e1a7098d250d930a11781c1201fcf6fc3af859d4b7f37312a0dc
- Size
  
  3.3MB
- MD5
  
  47d2c9fdce8b254746b126aa16d02297
- SHA1
  
  c057b76b02b47547a97596724c072d3cf570c4b6
- SHA256
  
  53d7e05f1840e1a7098d250d930a11781c1201fcf6fc3af859d4b7f37312a0dc
- SHA512
  
  f70c16ebb3e7e65d1ea52e29bd34a930e9e96b726c7d703899544fce3f3c819ec9602765e2c8b463390c11c1bcb87b20f1e641702f3bf4f69a75b6e88267ed34
- SSDEEP
  
  24576:lAy3Kl2T0bvAbndFFHCQIKFjh629ne5nX5uvuUO:lAiKl2TqgndFFHCQIKFjh62v5O
Score

10^/10

asyncrat default execution rat upx
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultexecutionratupx