asyncrat | e4a36be98f730d706d2ca97a5d687329a1cc7d4848daf698b7e21b6b9b577f31 | Triage

Sharing

General

Target

e4a36be98f730d706d2ca97a5d687329a1cc7d4848daf698b7e21b6b9b577f31
Size

3.5MB
Sample

240930-fqywgayhpm
MD5

b3fd0e1003b1cd38402b6d32829f6135
SHA1

c9cedd6322fb83457f56b64b4624b07e2786f702
SHA256

e4a36be98f730d706d2ca97a5d687329a1cc7d4848daf698b7e21b6b9b577f31
SHA512

04692e0f80a75f78b533677cefe3db6607108abf19963d88e231925cfa13f1ec054811aebe53c82d238e732a999cd8d176107d50cf2ea5694d4177cbfd3b30f1
SSDEEP

49152:KXSBgOQSMWnpCkICTugfaU6vTN4Z6WSk7s7jsjS4znnqyIn7TrvU:KygOQSVpC/CHMTWk8zn

Score

10^/10

asyncrat discovery persistence rat

Malware Config

Targets

- Target
  
  e4a36be98f730d706d2ca97a5d687329a1cc7d4848daf698b7e21b6b9b577f31
- Size
  
  3.5MB
- MD5
  
  b3fd0e1003b1cd38402b6d32829f6135
- SHA1
  
  c9cedd6322fb83457f56b64b4624b07e2786f702
- SHA256
  
  e4a36be98f730d706d2ca97a5d687329a1cc7d4848daf698b7e21b6b9b577f31
- SHA512
  
  04692e0f80a75f78b533677cefe3db6607108abf19963d88e231925cfa13f1ec054811aebe53c82d238e732a999cd8d176107d50cf2ea5694d4177cbfd3b30f1
- SSDEEP
  
  49152:KXSBgOQSMWnpCkICTugfaU6vTN4Z6WSk7s7jsjS4znnqyIn7TrvU:KygOQSVpC/CHMTWk8zn
Score

10^/10

discovery persistence asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

asyncratdiscoverypersistencerat