asyncrat | 6b612069e1c5dbe66c874cfcfae64c97a215e1556e464d153e56e956058d5dcf | Triage

Sharing

General

Target

6b612069e1c5dbe66c874cfcfae64c97a215e1556e464d153e56e956058d5dcf.exe
Size

130KB
Sample

241218-fkfgyatpct
MD5

17d63437dacbd0d9b3953add961c2e60
SHA1

4a9ece9d9fd5ab0b003a45b453aba60e949f3908
SHA256

6b612069e1c5dbe66c874cfcfae64c97a215e1556e464d153e56e956058d5dcf
SHA512

9ab99f059e71987e7cbb2c3e61810c8dba6961cc0b52564e7a1e11818b7c4b33a2b97865d196c2925476b830428dd5a76cfbde39f82a923be229cffaea0a9e70
SSDEEP

3072:RQNUZEL5p/oJ/+08cowfSnZVfWNlI/XennJ2F+8qld17JdGi4yyscfa:2r/oxptoISZlWNlImnJK+OBvq

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

QwBjELGOeYoX

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  6b612069e1c5dbe66c874cfcfae64c97a215e1556e464d153e56e956058d5dcf.exe
- Size
  
  130KB
- MD5
  
  17d63437dacbd0d9b3953add961c2e60
- SHA1
  
  4a9ece9d9fd5ab0b003a45b453aba60e949f3908
- SHA256
  
  6b612069e1c5dbe66c874cfcfae64c97a215e1556e464d153e56e956058d5dcf
- SHA512
  
  9ab99f059e71987e7cbb2c3e61810c8dba6961cc0b52564e7a1e11818b7c4b33a2b97865d196c2925476b830428dd5a76cfbde39f82a923be229cffaea0a9e70
- SSDEEP
  
  3072:RQNUZEL5p/oJ/+08cowfSnZVfWNlI/XennJ2F+8qld17JdGi4yyscfa:2r/oxptoISZlWNlImnJK+OBvq
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat