asyncrat | 042cdefef5da13107ff58628f06962fb72ec1f1a6736573dcf3366a2d4188d2a | Triage

Sharing

General

Target

AsyncClient.exe
Size

45KB
Sample

241103-xmrressbnn
MD5

2e1fd931c873a28856ca105e736702b9
SHA1

2972471be1809b3ed060c1944a4eb1c66b7ae3b0
SHA256

042cdefef5da13107ff58628f06962fb72ec1f1a6736573dcf3366a2d4188d2a
SHA512

a2d12547d5de9c39fb338e0906a4edb86861cd230653c5cecd3597ad1faf5d63083c74075f37a28c5c0420f21b7518504fa3405b2f252501839d36b77ebff949
SSDEEP

768:mu/dRTUo0HQbWUnmjSmo2qMwKjPGaG6PIyzjbFgX3iZ9yYRVGRcKZkPrQdBDZyx:mu/dRTUPE2kKTkDy3bCXSZJGRc30zdyx

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

E2qgtjRHaRSi

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  AsyncClient.exe
- Size
  
  45KB
- MD5
  
  2e1fd931c873a28856ca105e736702b9
- SHA1
  
  2972471be1809b3ed060c1944a4eb1c66b7ae3b0
- SHA256
  
  042cdefef5da13107ff58628f06962fb72ec1f1a6736573dcf3366a2d4188d2a
- SHA512
  
  a2d12547d5de9c39fb338e0906a4edb86861cd230653c5cecd3597ad1faf5d63083c74075f37a28c5c0420f21b7518504fa3405b2f252501839d36b77ebff949
- SSDEEP
  
  768:mu/dRTUo0HQbWUnmjSmo2qMwKjPGaG6PIyzjbFgX3iZ9yYRVGRcKZkPrQdBDZyx:mu/dRTUPE2kKTkDy3bCXSZJGRc30zdyx
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat