asyncrat | e0f9ca55f06233cd4e2a7e4cf77fb678a9cff34b548c85ea7c2cdf7ede07270c | Triage

Sharing

General

Target

AsyncClient1.exe
Size

47KB
Sample

241125-dxdg1a1qgl
MD5

f65631d6798eaa350884e4f996f7f6a9
SHA1

a913ae3757728dc296bc1076147eb840e887d8fc
SHA256

e0f9ca55f06233cd4e2a7e4cf77fb678a9cff34b548c85ea7c2cdf7ede07270c
SHA512

e0c73a639c5236a9cb1800732c736c3a3071e50660495517e43b55b815eb99d0faf74f04e3de79e9fa112b6a09721d178f3b3929585fbfdb5bee2cda95b6bd0e
SSDEEP

768:xuyxNTAoZjRWUJd9bmo2qL5+Cr96UGMRPIom7e7PesJ0bFm3sJsynjSY1zeBDZMx:xuyxNTAGL2xuCMOom7ebRubFm3kZlMdO

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

between-reprint.gl.at.ply.gg:5942

Mutex

CKnrCmvLB4KG

Attributes

delay
3
install
true
install_file
Windows.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  AsyncClient1.exe
- Size
  
  47KB
- MD5
  
  f65631d6798eaa350884e4f996f7f6a9
- SHA1
  
  a913ae3757728dc296bc1076147eb840e887d8fc
- SHA256
  
  e0f9ca55f06233cd4e2a7e4cf77fb678a9cff34b548c85ea7c2cdf7ede07270c
- SHA512
  
  e0c73a639c5236a9cb1800732c736c3a3071e50660495517e43b55b815eb99d0faf74f04e3de79e9fa112b6a09721d178f3b3929585fbfdb5bee2cda95b6bd0e
- SSDEEP
  
  768:xuyxNTAoZjRWUJd9bmo2qL5+Cr96UGMRPIom7e7PesJ0bFm3sJsynjSY1zeBDZMx:xuyxNTAGL2xuCMOom7ebRubFm3kZlMdO
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat