asyncrat | 9180b650add0089b72e050e358d7cac79d5e482b605f07692f35b9a6d12d9fd8 | Triage

Sharing

General

Target

cf50ae69e12fe9da2b1f5793f517e281_JaffaCakes118
Size

744KB
Sample

241206-19cskaxjej
MD5

cf50ae69e12fe9da2b1f5793f517e281
SHA1

3a312594b112050ebb4fc437ad5ca351ab3c1fe5
SHA256

9180b650add0089b72e050e358d7cac79d5e482b605f07692f35b9a6d12d9fd8
SHA512

2ddf75fe9d1cab79de587fd23d5b6de639f27217ac4c50f295d6456f25e53eb95e3da8514978f6eaa5f80cf3462931e804a0454cfaddd82802cd8235189b3571
SSDEEP

12288:gi70uZvt2NjFmzPkK46kb4by7UZGR3p2gex3HWkXvfWnNJKURYeVFZQrT4y:g00uZvMNj5KDk0O7nRPqGk/fnle0T4

Score

10^/10

asyncrat null discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6

Botnet

null

C2

188.215.229.44:7900

Mutex

wucfjfzenbowqnj

Attributes

delay
5
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  cf50ae69e12fe9da2b1f5793f517e281_JaffaCakes118
- Size
  
  744KB
- MD5
  
  cf50ae69e12fe9da2b1f5793f517e281
- SHA1
  
  3a312594b112050ebb4fc437ad5ca351ab3c1fe5
- SHA256
  
  9180b650add0089b72e050e358d7cac79d5e482b605f07692f35b9a6d12d9fd8
- SHA512
  
  2ddf75fe9d1cab79de587fd23d5b6de639f27217ac4c50f295d6456f25e53eb95e3da8514978f6eaa5f80cf3462931e804a0454cfaddd82802cd8235189b3571
- SSDEEP
  
  12288:gi70uZvt2NjFmzPkK46kb4by7UZGR3p2gex3HWkXvfWnNJKURYeVFZQrT4y:g00uZvMNj5KDk0O7nRPqGk/fnle0T4
Score

10^/10

asyncrat null discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratnulldiscoveryrat

behavioral2

asyncratnulldiscoveryrat