asyncrat | 967d8df2b2b47c97fcb36286731254cc23e81fb92b1ebc1c917e292c3d2740c6 | Triage

Sharing

General

Target

stub.exe
Size

8.3MB
Sample

241109-vkjlxsydmp
MD5

812c191196807e717082916052bfaa4f
SHA1

1b1144a8e914281cb9754ca6f5f8133d35dd01bc
SHA256

967d8df2b2b47c97fcb36286731254cc23e81fb92b1ebc1c917e292c3d2740c6
SHA512

152b88c1282765ec6971cf81489453f340f91eba9d85ff6dbc7d3daea16088eb2529dfb470d5ade09ccc625bfa37a0a12dd02bb05ffd383fceaa1a5dd78610f0
SSDEEP

196608:7GGv8HZ4JFdQmRrdA6lS8Qnf2ODjMnGydS8jyi9IleHq7O2zH:COYsdQOlaF3MnG38jyi9IleKqkH

Score

10^/10

asyncrat default execution pyinstaller rat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:55496

127.0.0.1:37754

tcp://nasdnasnd-55496.portmap.host:55496:55496

tcp://nasdnasnd-55496.portmap.host:55496:37754

tcp://nasdnasnd-55496.portmap.host:55496

tcp://nasdnasnd-55496.portmap.host:37754

floor-getting.gl.at.ply.gg:55496

floor-getting.gl.at.ply.gg:37754

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  stub.exe
- Size
  
  8.3MB
- MD5
  
  812c191196807e717082916052bfaa4f
- SHA1
  
  1b1144a8e914281cb9754ca6f5f8133d35dd01bc
- SHA256
  
  967d8df2b2b47c97fcb36286731254cc23e81fb92b1ebc1c917e292c3d2740c6
- SHA512
  
  152b88c1282765ec6971cf81489453f340f91eba9d85ff6dbc7d3daea16088eb2529dfb470d5ade09ccc625bfa37a0a12dd02bb05ffd383fceaa1a5dd78610f0
- SSDEEP
  
  196608:7GGv8HZ4JFdQmRrdA6lS8Qnf2ODjMnGydS8jyi9IleHq7O2zH:COYsdQOlaF3MnG38jyi9IleKqkH
Score

10^/10

asyncrat default execution rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultexecutionrat