asyncrat | aa2865178dc691edfdfc676c77a638cd165cbe9385a0ae4b8bfa16e9b9af753b | Triage

Sharing

General

Target

aa2865178dc691edfdfc676c77a638cd165cbe9385a0ae4b8bfa16e9b9af753b.exe
Size

1.9MB
Sample

241205-dj9naavqet
MD5

18a531099ef85a846a63b7aee12b45e7
SHA1

ccee12b82ebc5585febac7929312ee3024821db9
SHA256

aa2865178dc691edfdfc676c77a638cd165cbe9385a0ae4b8bfa16e9b9af753b
SHA512

81b9b18a24882d5b2f2704f20df57719290da063dac8147e866e076d7a1591e379309dfd780a546a739688d30c5ee51f9e5599d6576a7ddd09286f10324e5ab9
SSDEEP

49152:69U35JCirYhIntmZrbQhrHqxZrbQhrHq26R5vIk:6O3vTtmZrbQhrHqxZrbQhrHq357

Score

10^/10

asyncrat chile discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

chile

C2

formationslistcomplet2.sexidude.com:4365

Mutex

ueyroowiieyyriowowieuuurueiwiwur

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  aa2865178dc691edfdfc676c77a638cd165cbe9385a0ae4b8bfa16e9b9af753b.exe
- Size
  
  1.9MB
- MD5
  
  18a531099ef85a846a63b7aee12b45e7
- SHA1
  
  ccee12b82ebc5585febac7929312ee3024821db9
- SHA256
  
  aa2865178dc691edfdfc676c77a638cd165cbe9385a0ae4b8bfa16e9b9af753b
- SHA512
  
  81b9b18a24882d5b2f2704f20df57719290da063dac8147e866e076d7a1591e379309dfd780a546a739688d30c5ee51f9e5599d6576a7ddd09286f10324e5ab9
- SSDEEP
  
  49152:69U35JCirYhIntmZrbQhrHqxZrbQhrHq26R5vIk:6O3vTtmZrbQhrHqxZrbQhrHq357
Score

10^/10

asyncrat chile discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratchilediscoverypersistencerat

behavioral2

asyncratchilediscoverypersistencerat