asyncrat | ada9fecb83be43148381062fd3ac66976e2ef76b59a855eb3f0a351ce5ee7b67 | Triage

Sharing

General

Target

7867189a85c6e08b287e9d6760a1c3fd.exe
Size

5.0MB
Sample

241104-j2tbxazphl
MD5

7867189a85c6e08b287e9d6760a1c3fd
SHA1

4700de2b6b080b206743c96ba76e2b2f713331b6
SHA256

ada9fecb83be43148381062fd3ac66976e2ef76b59a855eb3f0a351ce5ee7b67
SHA512

ed7b8ba643df6bf3ae0b419fe88011a055ba353357affcdaede987fffcc0ffc43daf311b564ba53bf58d607ba20b92357fd84daa699abad3b09195e116a5ab6d
SSDEEP

49152:Mr9PwJV/h8p/gehHoe2uN8KjVR8dnyvr42jZ2062zJerF0/3g9j+TBEzW07kKz8s:KPIVZ8pDhH0uN8QRVM2IrMQFtD5XJ

Score

10^/10

asyncrat default execution rat

Malware Config

Extracted

Family

asyncrat

Version

AWS | 3Losh

Botnet

Default

C2

51.222.21.24:6606

51.222.21.24:7707

51.222.21.24:8808

Mutex

AsyncMutex_alosh

Attributes

delay
3
install
false
install_file
newbuild.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  7867189a85c6e08b287e9d6760a1c3fd.exe
- Size
  
  5.0MB
- MD5
  
  7867189a85c6e08b287e9d6760a1c3fd
- SHA1
  
  4700de2b6b080b206743c96ba76e2b2f713331b6
- SHA256
  
  ada9fecb83be43148381062fd3ac66976e2ef76b59a855eb3f0a351ce5ee7b67
- SHA512
  
  ed7b8ba643df6bf3ae0b419fe88011a055ba353357affcdaede987fffcc0ffc43daf311b564ba53bf58d607ba20b92357fd84daa699abad3b09195e116a5ab6d
- SSDEEP
  
  49152:Mr9PwJV/h8p/gehHoe2uN8KjVR8dnyvr42jZ2062zJerF0/3g9j+TBEzW07kKz8s:KPIVZ8pDhH0uN8QRVM2IrMQFtD5XJ
Score

10^/10

asyncrat default execution rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Loads dropped DLL
- Command and Scripting Interpreter: PowerShell
  Run Powershell to execute payload.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultexecutionrat