asyncrat | a52ed7cc857c5a48246c336bd22ac226100a005a8fa1306debe166af6018090d | Triage

Sharing

General

Target

a52ed7cc857c5a48246c336bd22ac226100a005a8fa1306debe166af6018090d.exe
Size

48KB
Sample

240927-q12p8avfkm
MD5

23575c31dfc1d767ffdcb95b286e3722
SHA1

4f45e5054dbae1b7c768d34fe31a4b8c69b87799
SHA256

a52ed7cc857c5a48246c336bd22ac226100a005a8fa1306debe166af6018090d
SHA512

db2cccfa494a8b2d08f520f20ce9d5853fa45d1775d92ea211154fe2dec309f0da0531dbe62d3504e6a2e270d358b5edf8272a11a49b54f6b93c8c278f5bd364
SSDEEP

1536:CN1RxXpwH/XbzY1zkT+aXMouA152k6OsKmVcl:CtPwH/bzm8CkwK8Y

Score

10^/10

asyncrat null rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6A

Botnet

null

C2

62.108.37.42:8808

Mutex

iaqvopecckrrmxlkj

Attributes

delay
5
install
true
install_file
Microsoft Corporation.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  a52ed7cc857c5a48246c336bd22ac226100a005a8fa1306debe166af6018090d.exe
- Size
  
  48KB
- MD5
  
  23575c31dfc1d767ffdcb95b286e3722
- SHA1
  
  4f45e5054dbae1b7c768d34fe31a4b8c69b87799
- SHA256
  
  a52ed7cc857c5a48246c336bd22ac226100a005a8fa1306debe166af6018090d
- SHA512
  
  db2cccfa494a8b2d08f520f20ce9d5853fa45d1775d92ea211154fe2dec309f0da0531dbe62d3504e6a2e270d358b5edf8272a11a49b54f6b93c8c278f5bd364
- SSDEEP
  
  1536:CN1RxXpwH/XbzY1zkT+aXMouA152k6OsKmVcl:CtPwH/bzm8CkwK8Y
Score

10^/10

asyncrat null rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratnullasyncrat

behavioral1

asyncratnullrat

behavioral2

asyncratnullrat