asyncrat | b821057045d27dd6ce8e14dac6e93d42c9ca47ce1e86390c5d2dac0401d28601 | Triage

Sharing

General

Target

b821057045d27dd6ce8e14dac6e93d42c9ca47ce1e86390c5d2dac0401d28601
Size

2.6MB
Sample

241009-c34qpszbrg
MD5

055fd9ae5a0b84c79b61fff3e9b76e30
SHA1

908de6b4a44db71530a64284147219d0c72c8053
SHA256

b821057045d27dd6ce8e14dac6e93d42c9ca47ce1e86390c5d2dac0401d28601
SHA512

09028287595712e36da23b1142fe5d75dbf5f04b94bdcdc9013030ef188fbce3eb05a03ff4ffdd124691389c14923fdf7514f6f9af8f61b66c2754164ae5fc9a
SSDEEP

49152:ykCWb8/7a76JmTVmH6jRwmEQ/E6VUM83Ptvh:KV7KphSpr

Score

10^/10

asyncrat octu discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

OCTU

C2

pruebadenuevonuevo202024202024.duckdns.org:9200

Mutex

CookiesGoogleChrome

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  b821057045d27dd6ce8e14dac6e93d42c9ca47ce1e86390c5d2dac0401d28601
- Size
  
  2.6MB
- MD5
  
  055fd9ae5a0b84c79b61fff3e9b76e30
- SHA1
  
  908de6b4a44db71530a64284147219d0c72c8053
- SHA256
  
  b821057045d27dd6ce8e14dac6e93d42c9ca47ce1e86390c5d2dac0401d28601
- SHA512
  
  09028287595712e36da23b1142fe5d75dbf5f04b94bdcdc9013030ef188fbce3eb05a03ff4ffdd124691389c14923fdf7514f6f9af8f61b66c2754164ae5fc9a
- SSDEEP
  
  49152:ykCWb8/7a76JmTVmH6jRwmEQ/E6VUM83Ptvh:KV7KphSpr
Score

10^/10

discovery persistence asyncrat octu rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

asyncratoctudiscoverypersistencerat