asyncrat

General

Target

a8739ce81820d0fb38e5338e93f54bca4c3049438f2744d1cfd5a5125ceb7ee1
Size

1.1MB
Sample

241017-s7lnpawhjr
MD5

ab0b997f21fd24a8131747107618dd90
SHA1

cb6d427ba76efd040a14e6a23d3e379db58604f7
SHA256

a8739ce81820d0fb38e5338e93f54bca4c3049438f2744d1cfd5a5125ceb7ee1
SHA512

270a4eace4373b756c2b17e60b6ede51bd467967a67d692a0d427ad60babe01420cc39197d4e403abd329da3af4099135bd6f9fc3a7eeedd7f7a5234bf3ee687
SSDEEP

24576:fXPhQPuFTahctJIWzOnuvyO+maDfFngV51Tp0Tm7DJlAKCpp4SG311iR:fXPKG1ah6J7yHFgV5dp0TmXyppaloR

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

ansyoct15.duckdns.org:1415

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  ENVIO COPIA DE LA NOTIFICACION/01 NOTIFICACION ELECTRONICA.exe
- Size
  
  1.6MB
- MD5
  
  8f0717916432e1e4f3313c8ebde55210
- SHA1
  
  41456cd9c3b66cfb22f9bbeefb6750cce516bf3a
- SHA256
  
  8dc4d5deef19fb4da195c270819a6ee283b67408fc9ee187216a0ce80ee61bab
- SHA512
  
  d1c4696541ec1d8d44e820902828bfbbd16afbb9c4a251080fc62262fbf879b268ed0fff80ea84aacdc58f424c516a979bb8fa82f0dfe920d71cad92f17bcfee
- SSDEEP
  
  12288:N2EDigMo6E50Hmy00qEEmxnA7ECCXuiAK6xXHDJBIMQV2:bFaky0wEmxAQCCXuiA3XH8N2
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  ENVIO COPIA DE LA NOTIFICACION/MpGear.dll
- Size
  
  592KB
- MD5
  
  8d6de42f1495eb5f487dd5bab8e97038
- SHA1
  
  dd9b13c03c8db0a2368f7dccaf4081b82bfa2a7b
- SHA256
  
  2625ad5e5176eeec5f91152d8b5fbdde2cb96fec11b6bf2a5dc4d09f03b381d9
- SHA512
  
  54424a71f2fe3d9d411ec30f5ae31aeed2d6637e06625273cee5c228c587e537892c78a5d984479d60b2791fd8e2083e7ef3e5a0cc11ae4b330152d8e033f93f
- SSDEEP
  
  12288:n5Lc3KeIaZ+dwGbzSifdYndE7sjXj8cjb+DYtYP:5LcbIaIxzSwKdfjXjBv8Y
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2