General

  • Target

    AsyncClient.exe

  • Size

    45KB

  • Sample

    241030-xtv3esykhz

  • MD5

    78d985ff83b1486bb254783983263417

  • SHA1

    bdc6e3229840f1851909cbcdd50399a2d3b880e8

  • SHA256

    2e5c5fb80389895ecac710175986c2c7edaf26892ae4e274a8a5e5faa389e926

  • SHA512

    b2b0fbf8ba5c052d8877628a04218507e313a68ebff5b72c9754b6c5e74bcc1d4fcdd1f8cbab371aceca7a61e9d711f417c320fc51925a69bd1f4bb1101f0427

  • SSDEEP

    768:mu/dRTUo0HQbWUnmjSmo2qMwKjPGaG6PIyzjbFgX3i7YkwEKU8eBDZyx:mu/dRTUPE2kKTkDy3bCXS7Ykwqhdyx

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

JVbjWxL0GX29

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Asyncrat family

    • Async RAT payload

    • Downloads MZ/PE file

    • Executes dropped EXE
