asyncrat | 723b199d02bbf3eeca3a4d2681dc7a0b6ff1d1f88e674aa07877ca45b2b1ab4a | Triage

Sharing

General

Target

723b199d02bbf3eeca3a4d2681dc7a0b6ff1d1f88e674aa07877ca45b2b1ab4aN
Size

48KB
Sample

241109-pknmzsxkfn
MD5

0360d424c0b508ac29afcc5893ce1bc0
SHA1

109e72fcef8255c939f7d3a2afddb9916bbb3534
SHA256

723b199d02bbf3eeca3a4d2681dc7a0b6ff1d1f88e674aa07877ca45b2b1ab4a
SHA512

3d3e2f259f1e5a0a98e67928708c937652d7093a948d0aae4688a60d3c78c318b5bb0e38fb52a8fbde04af50e1fdd321e7c9d87c4f27799a341b092d587b1dc4
SSDEEP

768:KteuZggpSZJg5ZbPf1Q45EMgyBFpq17qqbiGrnGCU+LSAwBikqnvJlDdz5nSV:KteuZggQZi5ZbVwyQ7qqb9nGgnwBUvJS

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

103.145.50.68:8080

103.145.50.68:8880

Mutex

v0DhJzrjVEqz

Attributes

delay
3
install
true
install_file
DRE.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  723b199d02bbf3eeca3a4d2681dc7a0b6ff1d1f88e674aa07877ca45b2b1ab4aN
- Size
  
  48KB
- MD5
  
  0360d424c0b508ac29afcc5893ce1bc0
- SHA1
  
  109e72fcef8255c939f7d3a2afddb9916bbb3534
- SHA256
  
  723b199d02bbf3eeca3a4d2681dc7a0b6ff1d1f88e674aa07877ca45b2b1ab4a
- SHA512
  
  3d3e2f259f1e5a0a98e67928708c937652d7093a948d0aae4688a60d3c78c318b5bb0e38fb52a8fbde04af50e1fdd321e7c9d87c4f27799a341b092d587b1dc4
- SSDEEP
  
  768:KteuZggpSZJg5ZbPf1Q45EMgyBFpq17qqbiGrnGCU+LSAwBikqnvJlDdz5nSV:KteuZggQZi5ZbVwyQ7qqb9nGgnwBUvJS
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat