asyncrat | 66358826f5bf47e92bd7d94f2f179c0a41eb580f1f3b281e3c3b1dc1322a20c0 | Triage

Sharing

General

Target

66358826f5bf47e92bd7d94f2f179c0a41eb580f1f3b281e3c3b1dc1322a20c0N
Size

63KB
Sample

241109-ds91eawfla
MD5

20d7d7cef9a5153f2385efda69a87e20
SHA1

b018dc2269e03386f9cdf427a75b4b843cf3cf5b
SHA256

66358826f5bf47e92bd7d94f2f179c0a41eb580f1f3b281e3c3b1dc1322a20c0
SHA512

3ff2f724c31c20dc48d1e5f98160be1357e1b413187fb3325d5bf253ed4fb4c925f2ac073805a397344972686dacaf2fe0143082c32246d64383dc3b7e43f549
SSDEEP

1536:mWWWhjlikD9cKuZUYFYGXw5bfAPO6N1nprmTGxx:mWrhjlik2KuZUYFYGXw5bfV6DpEKx

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

MSF

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  66358826f5bf47e92bd7d94f2f179c0a41eb580f1f3b281e3c3b1dc1322a20c0N
- Size
  
  63KB
- MD5
  
  20d7d7cef9a5153f2385efda69a87e20
- SHA1
  
  b018dc2269e03386f9cdf427a75b4b843cf3cf5b
- SHA256
  
  66358826f5bf47e92bd7d94f2f179c0a41eb580f1f3b281e3c3b1dc1322a20c0
- SHA512
  
  3ff2f724c31c20dc48d1e5f98160be1357e1b413187fb3325d5bf253ed4fb4c925f2ac073805a397344972686dacaf2fe0143082c32246d64383dc3b7e43f549
- SSDEEP
  
  1536:mWWWhjlikD9cKuZUYFYGXw5bfAPO6N1nprmTGxx:mWrhjlik2KuZUYFYGXw5bfV6DpEKx
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat