asyncrat | b000ad3739dd8c9b6e818019b4d3d60b42c1333eb20947344d9410abe5a52200 | Triage

Sharing

General

Target

958f892db4696903b0af87032931fc90N.exe
Size

63KB
Sample

240820-1pbd1avekb
MD5

958f892db4696903b0af87032931fc90
SHA1

5309c8ac00b200253cc93c0448966a6d1834fd74
SHA256

b000ad3739dd8c9b6e818019b4d3d60b42c1333eb20947344d9410abe5a52200
SHA512

2a9c9c78ca66c93e1eaf90b50e44bed7e5dd7e6f83304989ad8d34810a1866cdd0978025c30e9bf300676c96e0500b0dc6acfcca8bc443fa2ae36e750c09333c
SSDEEP

1536:q6MC/ULWkgnYKuxUYFDGXw5bfAPskfWTHrXlTGdx:q6x/ULWkvKuxUYFDGXw5bfL6clux

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

AWS | RxR

Botnet

Default

C2

23.94.247.42:6606

23.94.247.42:7707

23.94.247.42:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_file
avhost.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  958f892db4696903b0af87032931fc90N.exe
- Size
  
  63KB
- MD5
  
  958f892db4696903b0af87032931fc90
- SHA1
  
  5309c8ac00b200253cc93c0448966a6d1834fd74
- SHA256
  
  b000ad3739dd8c9b6e818019b4d3d60b42c1333eb20947344d9410abe5a52200
- SHA512
  
  2a9c9c78ca66c93e1eaf90b50e44bed7e5dd7e6f83304989ad8d34810a1866cdd0978025c30e9bf300676c96e0500b0dc6acfcca8bc443fa2ae36e750c09333c
- SSDEEP
  
  1536:q6MC/ULWkgnYKuxUYFDGXw5bfAPskfWTHrXlTGdx:q6x/ULWkvKuxUYFDGXw5bfL6clux
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat