asyncrat

General

Target

4e3c1838cf97be19c84a844b47eb093fb6e05854b971c07b86a561b50e1c29ccN
Size

2.0MB
Sample

241007-gpea4szblm
MD5

7204fe5140619c24c146489ea3544da0
SHA1

a0c4a3fcc6262839d2ea132c12eb4c7fc7b5ac37
SHA256

4e3c1838cf97be19c84a844b47eb093fb6e05854b971c07b86a561b50e1c29cc
SHA512

b52b5eded7b0937572ad989c061ee4bd839d3d966ddf45382984c5f32f008cb2653b58502bf34eeb3681797c246cbd31430d33a91eb56c0fa611162c80641dc5
SSDEEP

49152:sfU4Uj2Did0yksUsdR4/pgCXp0q++yTun33DhZVBIcLJHC85zR61xg1:sfUbaS0EtdR4/pgfq++yT633DvVBIsCS

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Server8

C2

asmby.duckdns.org:52350

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  4e3c1838cf97be19c84a844b47eb093fb6e05854b971c07b86a561b50e1c29ccN
- Size
  
  2.0MB
- MD5
  
  7204fe5140619c24c146489ea3544da0
- SHA1
  
  a0c4a3fcc6262839d2ea132c12eb4c7fc7b5ac37
- SHA256
  
  4e3c1838cf97be19c84a844b47eb093fb6e05854b971c07b86a561b50e1c29cc
- SHA512
  
  b52b5eded7b0937572ad989c061ee4bd839d3d966ddf45382984c5f32f008cb2653b58502bf34eeb3681797c246cbd31430d33a91eb56c0fa611162c80641dc5
- SSDEEP
  
  49152:sfU4Uj2Did0yksUsdR4/pgCXp0q++yTun33DhZVBIcLJHC85zR61xg1:sfUbaS0EtdR4/pgfq++yT633DvVBIsCS
Score

10^/10

discovery asyncrat server8 rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2