asyncrat | d145af0585628070c716f9ee1ce63e4da0b239d72e3dbf41683abb9db2f7a5af | Triage

Sharing

General

Target

AsyncClient.exe
Size

45KB
Sample

241010-scte2s1fkb
MD5

608c690f9f2eb09d832dc26b007694b5
SHA1

894dc8eadbc184a2b327ae771850cc726ebf26a0
SHA256

d145af0585628070c716f9ee1ce63e4da0b239d72e3dbf41683abb9db2f7a5af
SHA512

b2bde1f1679056c65123d09bb50236909843e05cf7e0e714cb3a7ab4a510088070e2f0f797153b65a0955b94113a5b437e91854d194c2a1631ec9779d427c346
SSDEEP

768:luny5TgoqzqWU8d9rmo2qrgKjPGaG6PIyzjbFgX3ir3ITlDzwIjr8HTOyBDZrx:luny5TgNR25KTkDy3bCXSr3k/wIjIHi8

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

192.168.244.72:6606

192.168.244.72:7707

192.168.244.72:8808

192.168.244.72:3000

192.168.244.1:6606

192.168.244.1:7707

192.168.244.1:8808

192.168.244.1:3000

Mutex

KRVJ4XZBrwB4

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  AsyncClient.exe
- Size
  
  45KB
- MD5
  
  608c690f9f2eb09d832dc26b007694b5
- SHA1
  
  894dc8eadbc184a2b327ae771850cc726ebf26a0
- SHA256
  
  d145af0585628070c716f9ee1ce63e4da0b239d72e3dbf41683abb9db2f7a5af
- SHA512
  
  b2bde1f1679056c65123d09bb50236909843e05cf7e0e714cb3a7ab4a510088070e2f0f797153b65a0955b94113a5b437e91854d194c2a1631ec9779d427c346
- SSDEEP
  
  768:luny5TgoqzqWU8d9rmo2qrgKjPGaG6PIyzjbFgX3ir3ITlDzwIjr8HTOyBDZrx:luny5TgNR25KTkDy3bCXSr3k/wIjIHi8
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat