asyncrat | 7161f6891abc4525fe3adc825a8cdefe7639f03f18ecbc79f2d6cd7f51aa2e93 | Triage

Sharing

General

Target

AsyncClient.exe
Size

47KB
Sample

241001-e4hwqs1alj
MD5

d92788f22264020334f2df8e161ff27e
SHA1

8fcd55d59685f1f3c2f7f79b197ad9c9037334ad
SHA256

7161f6891abc4525fe3adc825a8cdefe7639f03f18ecbc79f2d6cd7f51aa2e93
SHA512

4a404de4f4ccf5cfb237c4ba63f643e31011b8ec35aa46cda1950ea31524c84c70e4a8469e01180cff512009746679f05ab450494112247896e154aa92d5a695
SSDEEP

768:Euu91TwQsOnFWUFN1/mo2qD3NPsmtzzqsGPIz5Yo0byJZyytf5VaMNajBDZPx:Euu91TwSb2ksC/Pvz5YDbyOytfX+dPx

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

note-ww.gl.at.ply.gg:22181

Mutex

kAbVqZCx6dQg

Attributes

delay
3
install
true
install_file
goder.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  AsyncClient.exe
- Size
  
  47KB
- MD5
  
  d92788f22264020334f2df8e161ff27e
- SHA1
  
  8fcd55d59685f1f3c2f7f79b197ad9c9037334ad
- SHA256
  
  7161f6891abc4525fe3adc825a8cdefe7639f03f18ecbc79f2d6cd7f51aa2e93
- SHA512
  
  4a404de4f4ccf5cfb237c4ba63f643e31011b8ec35aa46cda1950ea31524c84c70e4a8469e01180cff512009746679f05ab450494112247896e154aa92d5a695
- SSDEEP
  
  768:Euu91TwQsOnFWUFN1/mo2qD3NPsmtzzqsGPIz5Yo0byJZyytf5VaMNajBDZPx:Euu91TwSb2ksC/Pvz5YDbyOytfX+dPx
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat