asyncrat | 2a625cbde39ae9677ec69a7dffe14c14dda91e2927dbe18b863e8ed4e197a11c | Triage

Sharing

General

Target

ANEXOS Y DOCUMENTOS POR PROCESO LEGAL; NORMATIVA Y RADICACION VIGENTE 179235412184152786572135.zip
Size

972KB
Sample

241112-zcaq9s1bjh
MD5

1c6a815120de8ebd8c97093effa92f9f
SHA1

877d7a222f7a728a8bca053e662ff7c954e8d7e2
SHA256

2a625cbde39ae9677ec69a7dffe14c14dda91e2927dbe18b863e8ed4e197a11c
SHA512

067e403a39413e29a29c607564cc4456e392aa3f81726b79662a8a083753439e94887ba3e147df3380ab65a0a76f20e57f2f9f2ba1774982edfe38ef5c79f5d2
SSDEEP

12288:TxBrd2qMQr7ZhOTLrr6n8z4QfUYTDfTHYyHdmJI6CueM5G5VSmq1ws/6IwQ4+qH+:F2qRh7nY4C0yHUI6CuvbsIwQKrpimazh

Score

10^/10

asyncrat caerlitos discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7A

Botnet

CAERLITOS

C2

carlitos24.duckdns.org:7707

carlitos24.duckdns.org:6606

Mutex

uuooxuxbnkywum

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  ANEXOS Y DOCUMENTOS POR PROCESO LEGAL; NORMATIVA Y RADICACION VIGENTE 179235412184152786572135.exe
- Size
  
  1.0MB
- MD5
  
  afe62e59ee54125c18bd9dfdb72edcb2
- SHA1
  
  859ee99717dc6f6f627d2fc5c16b35bc41a6a91f
- SHA256
  
  cc5ce9a489dfd3806be60936b6f53ac009a9720379a664e3b71e131106830939
- SHA512
  
  507e476a6fe7058de6ec48acee2a40e4e971bdc0f9be9146c7b9932a2ef573fe1e72e29b53d3527d90cdb3296cedf487afd660e4ea95901acc02da040b346bbc
- SSDEEP
  
  24576:ryKFgz6I6Y/2aPToM2qdCDTFgBxp1tVz5UVlMhyI:Jux1PToMxOgTPtV52Mh/
Score

10^/10

asyncrat caerlitos discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratcaerlitosdiscoveryrat

behavioral2

asyncratcaerlitosdiscoveryrat