asyncrat

General

Target

z.zip
Size

1.0MB
Sample

241107-vrg2nsvrhy
MD5

3c97e030e447f65be0433ccd9fc7be1a
SHA1

2c0c3b20899ed686cc6d2c8e320ed817c3463ab9
SHA256

1eb199f98383fd210fc6724ce08b734609fe230e4429209e3cd287a045723db8
SHA512

3aeb3a3d276f6dfe9e68dcc4e504d1e1cd251d663d1e82204faf38b50c9b4ef994770804b6da9594feabd1f8451d7e09c94b25e05703ff695696febb4d7fd641
SSDEEP

24576:c5RllWYRrVoylq/nvsVQE5k6jRPB6l1vUlisuCoIrpJ5:cnjbrGyMve5bFPB6l1gGIrp/

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

en2025en.duckdns.org:3030

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Envio copia de la Notificacion electrnica Demanda/01 NOTIFICACION DEMANDA.exe
- Size
  
  275KB
- MD5
  
  b2d4b1d83945b5787d49a86c4f394e0c
- SHA1
  
  334a5c434e5d5d0649f8224e449ca9aaf9ba6816
- SHA256
  
  038d7b257b98421ad371189cf51d67f32ddad2de687c443a59ea74e4027bbf04
- SHA512
  
  4e92c367991a30d81a718ef26e8e61d24a84d2b54b5d9c6555f319b186ed5bc29d03fb10929bdae4d37c4fe92b3c0be63ee1ed4b287df74af7644e65053222d5
- SSDEEP
  
  6144:fONaSHaPlcCgYH9oYAd6q2vACSHaPlcCgYH9oY8HJF:fe969RTHGkIF69RTH6F
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Asyncrat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2