asyncrat | 1801c0278583e34f09b0a202c83afbc6f2bb97ab0acb2932057a25e5eba597a6 | Triage

Submit
Reports

Overview

overview

Static

static

1

Bawless Wi...86.rar

windows7-x64

9

Bawless Wi...86.rar

windows10-2004-x64

Bawless Wi...86.rar

windows10-ltsc 2021-x64

9

Bawless Wi...86.rar

windows11-21h2-x64

1

Sharing

General

Target

Bawless Windows Cracked By Vidhayakji786.rar
Size

102.1MB
Sample

241214-y5c7esvmaj
MD5

99a1d2a905676cf0542c2a4d45e58d46
SHA1

35fac87f8ca98865b6dee79023fb1c55cb925f0d
SHA256

1801c0278583e34f09b0a202c83afbc6f2bb97ab0acb2932057a25e5eba597a6
SHA512

3b1027101ef2d18a83aabd399c5ae3432b30f9ce541635ed35d1708864c55f94054b013e1c19e5b681838698067c8d6d722c3f9cf4c8b74c5c4ea8be40da8737
SSDEEP

3145728:lp5yB7PXOvhxn3VGFEWDE6YorqEU+vhI9C:lpIB7PevhVVGbw5oex9C

Score

10^/10

asyncrat usgr6 discovery evasion rat

Static task

static1

Behavioral task

behavioral1

Sample

Bawless Windows Cracked By Vidhayakji786.rar

Resource

win7-20240903-en

discovery evasion

windows7-x64

12 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Bawless Windows Cracked By Vidhayakji786.rar

Resource

win10v2004-20241007-en

asyncrat usgr6 discovery evasion rat

windows10-2004-x64

20 signatures

1800 seconds

Behavioral task

behavioral3

Sample

Bawless Windows Cracked By Vidhayakji786.rar

Resource

win10ltsc2021-20241211-en

discovery evasion

windows10-ltsc 2021-x64

13 signatures

1800 seconds

Behavioral task

behavioral4

Sample

Bawless Windows Cracked By Vidhayakji786.rar

Resource

win11-20241007-en

windows11-21h2-x64

3 signatures

1800 seconds

Malware Config

Extracted

Family

asyncrat

Version

Bawless Remote

Botnet

USGR6

C2

127.0.0.1:15

Mutex

7OZIOLO37

Attributes

delay
0
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Bawless Windows Cracked By Vidhayakji786.rar
- Size
  
  102.1MB
- MD5
  
  99a1d2a905676cf0542c2a4d45e58d46
- SHA1
  
  35fac87f8ca98865b6dee79023fb1c55cb925f0d
- SHA256
  
  1801c0278583e34f09b0a202c83afbc6f2bb97ab0acb2932057a25e5eba597a6
- SHA512
  
  3b1027101ef2d18a83aabd399c5ae3432b30f9ce541635ed35d1708864c55f94054b013e1c19e5b681838698067c8d6d722c3f9cf4c8b74c5c4ea8be40da8737
- SSDEEP
  
  3145728:lp5yB7PXOvhxn3VGFEWDE6YorqEU+vhI9C:lpIB7PevhVVGbw5oex9C
Score

10^/10

discovery evasion asyncrat usgr6 rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Looks for VirtualBox Guest Additions in registry
  evasion
- Looks for VMWare Tools registry key
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

asyncratusgr6discoveryevasionrat

behavioral3

discoveryevasion

behavioral4

© 2018-2025

Terms | Privacy