asyncrat | ce2ca53022372775f40b1a90800fdc3cc411251132260346cc569e7eb1a50741 | Triage

Sharing

General

Target

ce2ca53022372775f40b1a90800fdc3cc411251132260346cc569e7eb1a50741
Size

1.3MB
Sample

241213-nkhw3aymfm
MD5

aa6aa805cdc2198104f117ca36043032
SHA1

05074442fce349b9f436a0fbc4d0dc5beeb86032
SHA256

ce2ca53022372775f40b1a90800fdc3cc411251132260346cc569e7eb1a50741
SHA512

0765213c5bb54c1776c725b123cf7b58d97f631da32af8a2b269ba22bb26e5a614f5cb5898db314490ec8d391dd39dd823166429756de603f935393f4ae0ef50
SSDEEP

24576:raHuv60any7QYwIflqqXKXsdeuRlTDhZXNslBsM:rbv57QdIflqqXKXsd3vQn

Score

10^/10

asyncrat peru discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

peru

C2

formationslistcomplet2.sexidude.com:4365

Mutex

mncbbxmzbzbcmncbxvbcnxbxbcnxn

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  ce2ca53022372775f40b1a90800fdc3cc411251132260346cc569e7eb1a50741
- Size
  
  1.3MB
- MD5
  
  aa6aa805cdc2198104f117ca36043032
- SHA1
  
  05074442fce349b9f436a0fbc4d0dc5beeb86032
- SHA256
  
  ce2ca53022372775f40b1a90800fdc3cc411251132260346cc569e7eb1a50741
- SHA512
  
  0765213c5bb54c1776c725b123cf7b58d97f631da32af8a2b269ba22bb26e5a614f5cb5898db314490ec8d391dd39dd823166429756de603f935393f4ae0ef50
- SSDEEP
  
  24576:raHuv60any7QYwIflqqXKXsdeuRlTDhZXNslBsM:rbv57QdIflqqXKXsd3vQn
Score

10^/10

asyncrat peru discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratperudiscoverypersistencerat

behavioral2

asyncratperudiscoverypersistencerat