asyncrat | 606a8ba12343088e8ae770a119c33e7bd86ed45346b5a1f88f94b8d3562284bf | Triage

Sharing

General

Target

Client.exe
Size

63KB
Sample

241101-ab54cavcmh
MD5

0cfabb4492c8d690bd6f9cf88b52ead9
SHA1

640f8b5a21ef6ab691e524e915b36add1d53950e
SHA256

606a8ba12343088e8ae770a119c33e7bd86ed45346b5a1f88f94b8d3562284bf
SHA512

110c0a9cef7e535d28b3ae666ebeed159d05f9c1c32cfeac1c35d96eaf7b2e3623ca2d9be7d9ba324e0e4ae2f247f53ceb9f52bb304ae76acf7341d2c6f63e6e
SSDEEP

1536:xhRzHh1AkR7IWL3leeiMl8GbbXwEXk2GZZVclN:xhRzHh1AkR7X3YeFmGbbXx0DzY

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

Mutex

NUEJFR_RT

Attributes

delay
1
install
true
install_file
svchost.exe
install_folder
%Temp%
pastebin_config
https://pastebin.com/raw/c5xtcUfn

aes.plain

Targets

- Target
  
  Client.exe
- Size
  
  63KB
- MD5
  
  0cfabb4492c8d690bd6f9cf88b52ead9
- SHA1
  
  640f8b5a21ef6ab691e524e915b36add1d53950e
- SHA256
  
  606a8ba12343088e8ae770a119c33e7bd86ed45346b5a1f88f94b8d3562284bf
- SHA512
  
  110c0a9cef7e535d28b3ae666ebeed159d05f9c1c32cfeac1c35d96eaf7b2e3623ca2d9be7d9ba324e0e4ae2f247f53ceb9f52bb304ae76acf7341d2c6f63e6e
- SSDEEP
  
  1536:xhRzHh1AkR7IWL3leeiMl8GbbXwEXk2GZZVclN:xhRzHh1AkR7X3YeFmGbbXx0DzY
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat