asyncrat

General

Target

6030c76cfcf4feb70c6d0f123d553a62.zip
Size

5.5MB
Sample

241121-ct5awasmgn
MD5

6030c76cfcf4feb70c6d0f123d553a62
SHA1

79db7ed2963ad1538c458b72fe3984732875b1dc
SHA256

d34e9867f66b8e374af9d9fde98acb876d3c0fc8394b6d7ce83d670f42b66f2e
SHA512

4dbfc4a42e069b0fa2eb55b2aac79a8d8b8ff636c5123500cc55327f58964ee3627864933af51350ba57c6adf9fcb25ebc00b397fd6d36dc32268b421bcbbe31
SSDEEP

98304:qDagWZyVl+3BwCNSnGHgcNIGAfQH45BhWMQj2l8Rx7ykzueD767NObCZ+j5SMOZD:fgmcgBAGXw1JNg2lWx7yG167NZqSJoG

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

PLATA

C2

powerupsnew.dynuddns.com:7474

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  DEMANDA LABORAL POR ABUSO DE CONFIANZA/1 DEMANDA LABORAL ABUSO DE CONFIANZA.exe
- Size
  
  12.0MB
- MD5
  
  a7118dffeac3772076f1a39a364d608d
- SHA1
  
  6b984d9446f23579e154ec47437b9cf820fd6b67
- SHA256
  
  f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0
- SHA512
  
  f547c13b78acda9ca0523f0f8cd966c906f70a23a266ac86156dc7e17e6349e5f506366787e7a7823e2b07b0d614c9bd08e34ca5cc4f48799b0fe36ac836e890
- SSDEEP
  
  98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH
Score

10^/10

asyncrat plata discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  DEMANDA LABORAL POR ABUSO DE CONFIANZA/tak_deco_lib.dll
- Size
  
  315KB
- MD5
  
  ed00ffeccc0f63387993338d31c753b0
- SHA1
  
  c7f55119ab5d4477f0ca2156bb70c048f810449c
- SHA256
  
  0c85a67ceca005ec019df765769aefc7644311d0b791070463fdf6fe2b13c94c
- SHA512
  
  baeb2233c79fb663a7a5bda12b6a90d2416d651876118021c842be69a6a9d42fbc3e12f2e6616d50e1b807d3eb9d2a02529e63126044b287e42cdcc74a893f24
- SSDEEP
  
  3072:t0brJmz6/K6UwambkfOhOmesG+4ny2lV0C84:G5mz6/s2IfmRHAyQVJ
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Asyncrat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4