asyncrat

General

Target

a50ca35dafcd6dd0bc1d3dc1517aa5d37e0dec071486919158117b7813610024.rar
Size

4.3MB
Sample

241213-dckqkswnex
MD5

6fd75a14517918d76c1892f13b31ed4c
SHA1

5104ba552caa6b62d7d52b7eb12c5dc079a574d3
SHA256

a50ca35dafcd6dd0bc1d3dc1517aa5d37e0dec071486919158117b7813610024
SHA512

b20e2c516bf276f5716ba3e547e16b19f91dc10a3ca4956470becd896a05ba4c4f5f705c2fce48b31268a5d20d937aceadf13c69689d9b265aa6cfcec1b7f78a
SSDEEP

98304:QJPnXriQdxDkdZpm0ee32QC+tHxIfURmscDFO1en7Z:QJThIdZpCeGH+tHdRvaFOad

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

PLATA

C2

powerupsnew.dynuddns.com:7474

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  DEMANDA LABORAL POR ABUSO DE CONFIANZA/1 DEMANDA LABORAL ABUSO DE CONFIANZA.exe
- Size
  
  12.0MB
- MD5
  
  a7118dffeac3772076f1a39a364d608d
- SHA1
  
  6b984d9446f23579e154ec47437b9cf820fd6b67
- SHA256
  
  f1973746ac0a703b23526f68c639436f0b26b0bc71c4f5adf36dc5f6e8a7f4d0
- SHA512
  
  f547c13b78acda9ca0523f0f8cd966c906f70a23a266ac86156dc7e17e6349e5f506366787e7a7823e2b07b0d614c9bd08e34ca5cc4f48799b0fe36ac836e890
- SSDEEP
  
  98304:ReAtQzKADvk/9TEaImN9/tiHBIn8c3hCEFRUTaZnPZOtXwH:ReAOWOM/FE1mNHiFc3hr7UTaZnhOtXwH
Score

10^/10

asyncrat plata discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  DEMANDA LABORAL POR ABUSO DE CONFIANZA/tak_deco_lib.dll
- Size
  
  315KB
- MD5
  
  ed00ffeccc0f63387993338d31c753b0
- SHA1
  
  c7f55119ab5d4477f0ca2156bb70c048f810449c
- SHA256
  
  0c85a67ceca005ec019df765769aefc7644311d0b791070463fdf6fe2b13c94c
- SHA512
  
  baeb2233c79fb663a7a5bda12b6a90d2416d651876118021c842be69a6a9d42fbc3e12f2e6616d50e1b807d3eb9d2a02529e63126044b287e42cdcc74a893f24
- SSDEEP
  
  3072:t0brJmz6/K6UwambkfOhOmesG+4ny2lV0C84:G5mz6/s2IfmRHAyQVJ
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Asyncrat family

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4