asyncrat | dd463e0aeafb0bc71503292b29b554024c4eca5b630ae9da90f4eb1e20cddc79 | Triage

Sharing

General

Target

Camscanner Notificacion demanda judicial 19-11-2024.uue
Size

936KB
Sample

241119-yzzs8s1pes
MD5

72ca8b45de97bee7b71f8d785a71a54a
SHA1

b7358ebf2ad5c25137cb6c7be0ad4ec37890fa6b
SHA256

dd463e0aeafb0bc71503292b29b554024c4eca5b630ae9da90f4eb1e20cddc79
SHA512

32de6ce467f218e1f7b6f1aec4bb0cedb8f79084e40240f08e4367f24174982e17c536e0b0f95ed3c047ecd03fc052913a799eab4193baf89dbf264ab191646a
SSDEEP

12288:JrpTt9wztuwr7fX1VH9lBAUqBLq9S2Lgtjlzz+7Nm0R1rCnOUZlzzp3znAU:JFTXSuEX1VdAe9Shtjlz6FR1R099znAU

Score

10^/10

asyncrat n19 discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

N19

C2

dcenviardn.duckdns.org:8081

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Camscanner Notificacion demanda judicial 19-11-2024.exe
- Size
  
  936KB
- MD5
  
  7227a1e3942f7cd6aec5289eddbeb470
- SHA1
  
  edb33519cf2523a00ad7cdb5909167723dc7c2f6
- SHA256
  
  aaa4c54d92ec055ff8d95312831f6288d0ce520a4fbda263bed751bd0bd3a772
- SHA512
  
  9be2230c5b5debffbbab5e1fedbe1004d3a8256e1f769852b1c9853a8424982f93f27cf9616c3176e374e3bf377a63bcc755659dcb353a07a62f2648d652dd24
- SSDEEP
  
  12288:u1udBZnJtgYHdOThJ7P8d4dxcIJZcC7y7lxeB1l6CkAxCJ49rzQP07r1VGx7uouJ:9dBBHAvJl7y7OB1l6CkQJWluoe1
Score

10^/10

asyncrat n19 discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratn19discoverypersistencerat

behavioral2

asyncratn19discoverypersistencerat