asyncrat | 4fc5bc8679e046420ac7516d7a89080ba8ffd20fb7ebcc5dc6969f1df1a8a73a | Triage

Sharing

General

Target

Miaou.exe
Size

393KB
Sample

241209-ya4qwstmbl
MD5

ee858fa2a033e24c1fe66d5e6ac2ce8b
SHA1

c175a36ae75fed25ffd804f998ad073805300c42
SHA256

4fc5bc8679e046420ac7516d7a89080ba8ffd20fb7ebcc5dc6969f1df1a8a73a
SHA512

463ba7bba6b00bc7423017b5c01252adc957fb9bd360e6c375eeb6e61ff7f601e944c18625f7b5f768a6f2867609cd2eb06c134ac07cefe7d4275ba6cc853a16
SSDEEP

6144:a9Y5cOjYmp740NLXAY2zNivF7GlmOh/SHYy1bfV89YDwc/7GN7RVvjJbDs:a9Y5cifNLF2xivQ2DB/7yDtbDs

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

alainlegrosper.ddns.net:6606

Mutex

sgXgvLmJ6SR3

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Miaou.exe
- Size
  
  393KB
- MD5
  
  ee858fa2a033e24c1fe66d5e6ac2ce8b
- SHA1
  
  c175a36ae75fed25ffd804f998ad073805300c42
- SHA256
  
  4fc5bc8679e046420ac7516d7a89080ba8ffd20fb7ebcc5dc6969f1df1a8a73a
- SHA512
  
  463ba7bba6b00bc7423017b5c01252adc957fb9bd360e6c375eeb6e61ff7f601e944c18625f7b5f768a6f2867609cd2eb06c134ac07cefe7d4275ba6cc853a16
- SSDEEP
  
  6144:a9Y5cOjYmp740NLXAY2zNivF7GlmOh/SHYy1bfV89YDwc/7GN7RVvjJbDs:a9Y5cifNLF2xivQ2DB/7yDtbDs
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat