asyncrat | c5d62d57d2ccabc7b13b59c578a21e024586b8645ed3d017b0e3a6564c4791b6 | Triage

Sharing

General

Target

AsyncClient.exe
Size

45KB
Sample

240821-1jbskswbkj
MD5

22f3ad06ac1a5bf1b5b918e7d7cbbee6
SHA1

9bfb6034825930eb793baa02edf55302de973750
SHA256

c5d62d57d2ccabc7b13b59c578a21e024586b8645ed3d017b0e3a6564c4791b6
SHA512

11048d0445a02de884ff36d132233a949645020e62fe5bf599721fd6f66e457779cfb7b40ddf1f91d5cb25e2773ce5a56c9da81e68b61dcbd9c056f87e817dd2
SSDEEP

768:BuQSNTvEEaBrWUXFd5mo2qmi8KjPGaG6PIyzjbFgX3iaa25Hy3zE9RBDZ3x:BuQSNT8572xvKTkDy3bCXSa+32d3x

Score

10^/10

asyncrat latentbot default discovery rat trojan

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

baltekbezmajtek.zapto.org:6606

baltekbezmajtek.zapto.org:7707

baltekbezmajtek.zapto.org:8808

Mutex

vBItBvMTrx8n

Attributes

delay
3
install
false
install_file
cached_files.exe
install_folder
%AppData%

aes.plain

Extracted

Family

latentbot

C2

baltekbezmajtek.zapto.org

Targets

- Target
  
  AsyncClient.exe
- Size
  
  45KB
- MD5
  
  22f3ad06ac1a5bf1b5b918e7d7cbbee6
- SHA1
  
  9bfb6034825930eb793baa02edf55302de973750
- SHA256
  
  c5d62d57d2ccabc7b13b59c578a21e024586b8645ed3d017b0e3a6564c4791b6
- SHA512
  
  11048d0445a02de884ff36d132233a949645020e62fe5bf599721fd6f66e457779cfb7b40ddf1f91d5cb25e2773ce5a56c9da81e68b61dcbd9c056f87e817dd2
- SSDEEP
  
  768:BuQSNTvEEaBrWUXFd5mo2qmi8KjPGaG6PIyzjbFgX3iaa25Hy3zE9RBDZ3x:BuQSNT8572xvKTkDy3bCXSa+32d3x
Score

10^/10

asyncrat latentbot default discovery rat trojan
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- LatentBot
  Modular trojan written in Delphi which has been in-the-wild since 2013.
  trojan latentbot
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratlatentbotdefaultdiscoveryrattrojan