asyncrat | a8e5565fb2565b1254faeb8dab9e1ceec0a54b4df5a82ddbab51f4bc88e8bdc8 | Triage

Sharing

General

Target

a8e5565fb2565b1254faeb8dab9e1ceec0a54b4df5a82ddbab51f4bc88e8bdc8
Size

35KB
Sample

241110-payefawhpf
MD5

f5fff1b7c399708ec43a92eb82328c81
SHA1

5e572883376ea18b3553db758e502bee8bee128c
SHA256

a8e5565fb2565b1254faeb8dab9e1ceec0a54b4df5a82ddbab51f4bc88e8bdc8
SHA512

09604c5411148c62d8924ff7241325635f8c6d8e7eed2e1fd54843f4e26ba8f273f21f50aaf3539f3c1854e1baf3640c4dff10502b1867e75bb3680279bde54e
SSDEEP

768:YlaCHaB4HG9mIJOTjCHL0XHYO3xoUm/ZXSvyZkWCogKy4D8K0s+KpK/pZ6+:I/cWWr0IzUCSNCI1s+4aHn

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

109.107.174.128:6606

109.107.174.128:7707

109.107.174.128:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  041201ea61adce22ef2f36f64f9ccac66d638bffcb043e48f53d33cc7d8692a6.bat
- Size
  
  49KB
- MD5
  
  5766cb7fde4550d5b22abc76368cd73c
- SHA1
  
  de945f448741fd7f9130ba366e82f24fbff8b882
- SHA256
  
  041201ea61adce22ef2f36f64f9ccac66d638bffcb043e48f53d33cc7d8692a6
- SHA512
  
  65cc6f4de99f5e59982217ab925d62dbcb7969036709b8221e771762fecc4d2bfe1b189dc0a7b0379014f9cad16a31e85d20f2c542baca714d292ac28988df8d
- SSDEEP
  
  1536:/jNbaYAiCAIpcC4HLSDq9/yamFjr6lI5ZiMWcFq:/iZKqTjkImCk
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultrat