asyncrat | 0133bd25af53905513b2123f49e8de6dcb7a2c8c4021b444e1f557b5462f8f31 | Triage

Sharing

General

Target

0133bd25af53905513b2123f49e8de6dcb7a2c8c4021b444e1f557b5462f8f31.exe
Size

573KB
Sample

241204-fy5zraypej
MD5

c39b2855ca915b631eda59221242a492
SHA1

0e8c5d616d5cf17b0dcc891044e67770d1b8f28c
SHA256

0133bd25af53905513b2123f49e8de6dcb7a2c8c4021b444e1f557b5462f8f31
SHA512

a209d2fb399fd847197d8f901222d45a93a76868081dcce0d91ad2ed618e15b5d5b88ff0db2534b280d469e082fba11abbe4e10c53d9af09a6a2eda7fb0a481b
SSDEEP

12288:gD+ImWu7YOwR+7Wq+kIN0xkGtxCtq30JCSHvi7oA:gDKWu/w47WRoxkG7Cs30pi71

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

127.0.0.1:2035

147.185.221.16:2035

147.185.221.19:2035

121637121.duckdns.org:2035

Mutex

I8EJ82H739UG

Attributes

delay
1
install
true
install_file
Update.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  0133bd25af53905513b2123f49e8de6dcb7a2c8c4021b444e1f557b5462f8f31.exe
- Size
  
  573KB
- MD5
  
  c39b2855ca915b631eda59221242a492
- SHA1
  
  0e8c5d616d5cf17b0dcc891044e67770d1b8f28c
- SHA256
  
  0133bd25af53905513b2123f49e8de6dcb7a2c8c4021b444e1f557b5462f8f31
- SHA512
  
  a209d2fb399fd847197d8f901222d45a93a76868081dcce0d91ad2ed618e15b5d5b88ff0db2534b280d469e082fba11abbe4e10c53d9af09a6a2eda7fb0a481b
- SSDEEP
  
  12288:gD+ImWu7YOwR+7Wq+kIN0xkGtxCtq30JCSHvi7oA:gDKWu/w47WRoxkG7Cs30pi71
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultrat