asyncrat | 1be55a5d4e4806a31ac5b88f289c77fb2133f88b50d1f605a24a420bf51c258f | Triage

Sharing

General

Target

BootStrapper.exe
Size

58KB
Sample

241016-xeqjdswbja
MD5

0c5482c025f977d4cd4884f25f7574e2
SHA1

4f6bf84ff126198e26d4649b622a5090e5960265
SHA256

1be55a5d4e4806a31ac5b88f289c77fb2133f88b50d1f605a24a420bf51c258f
SHA512

869a1776587feda2686d8649fef31eb69e285a3448862a029a8afc7b22651e88893430302619301b5b52ce8d61ff337dd704abf5d944f1d51b9c231516a116bb
SSDEEP

1536:fEK62SSTTFBfdJn1Sbpd1QEKHk0OUOFO+XAFff+:cKt5BxSbpcH4FNXAFm

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

SuperBoo Rat v1.1

Botnet

Default

C2

week-dictionary.gl.at.ply.gg:12466

Mutex

SuperBoo_mtex_920393

Attributes

delay
3
install
true
install_file
PowerShell.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  BootStrapper.exe
- Size
  
  58KB
- MD5
  
  0c5482c025f977d4cd4884f25f7574e2
- SHA1
  
  4f6bf84ff126198e26d4649b622a5090e5960265
- SHA256
  
  1be55a5d4e4806a31ac5b88f289c77fb2133f88b50d1f605a24a420bf51c258f
- SHA512
  
  869a1776587feda2686d8649fef31eb69e285a3448862a029a8afc7b22651e88893430302619301b5b52ce8d61ff337dd704abf5d944f1d51b9c231516a116bb
- SSDEEP
  
  1536:fEK62SSTTFBfdJn1Sbpd1QEKHk0OUOFO+XAFff+:cKt5BxSbpcH4FNXAFm
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat