asyncrat | 421ff80415726f048213bed08a4d02f4c2f5a11af92893fc9ddc6b98e55db095 | Triage

Sharing

General

Target

YDRAY-DESCARGAR-NOTIFICACION-DE-SENTENCIA-JUDICIAL-AGRADECEMOS-CONFIRMAR-RECIBIDO-1.GZ
Size

1.0MB
Sample

241017-tpryesteqb
MD5

4be392945a6b4b228f1889ac8bff5927
SHA1

2c9e287cb5619b9811b09b4830b327c48272b653
SHA256

421ff80415726f048213bed08a4d02f4c2f5a11af92893fc9ddc6b98e55db095
SHA512

031464c7548d9a7ee8a084cfe87871c250654e2b33921b5a03d84d3be279806167dc596d8410040655c2d1f542048eec38fab68847ce9dfbbf0573cec607330f
SSDEEP

24576:LbAtae9qGfn52ZCMXxxgH73/jIyBlKllmSZH8ymEEWrC:HIX99n5cCexxgbvjIyBgfm24EBm

Score

10^/10

asyncrat 15 15 15 15 discovery rat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

15 15 15 15

C2

120.duckdns.org:9003

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  YDRAY-DESCARGAR-NOTIFICACION-DE-SENTENCIA-JUDICIAL-AGRADECEMOS-CONFIRMAR-RECIBIDO-1.GZ
- Size
  
  1.0MB
- MD5
  
  4be392945a6b4b228f1889ac8bff5927
- SHA1
  
  2c9e287cb5619b9811b09b4830b327c48272b653
- SHA256
  
  421ff80415726f048213bed08a4d02f4c2f5a11af92893fc9ddc6b98e55db095
- SHA512
  
  031464c7548d9a7ee8a084cfe87871c250654e2b33921b5a03d84d3be279806167dc596d8410040655c2d1f542048eec38fab68847ce9dfbbf0573cec607330f
- SSDEEP
  
  24576:LbAtae9qGfn52ZCMXxxgH73/jIyBlKllmSZH8ymEEWrC:HIX99n5cCexxgbvjIyBgfm24EBm
Score

10^/10

asyncrat 15 15 15 15 discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncrat15 15 15 15discoveryrat

behavioral2