asyncrat | 347586f7facf4ef5fcb456f6589d65cb3167a7fa4379740ff03b2c861d8cf364 | Triage

Resubmissions

21-12-2024 17:00

241221-vh4t3stpap 10

21-12-2024 16:17

241221-trjptssqdl 10

Sharing

General

Target

gggg.exe
Size

52KB
Sample

241221-trjptssqdl
MD5

fb6d592ff07d0e26a291b3e78c1ce139
SHA1

e5e82e613372b0795f8347ac643e954f0c514df2
SHA256

347586f7facf4ef5fcb456f6589d65cb3167a7fa4379740ff03b2c861d8cf364
SHA512

5db5797fcb1a6c2cbd2e2f4aaf2a5fd47f693116583596292531b73a36eabc8517ee7bc1d8cb5a999f45a5ca91152f0b3a810ec00ce35c8283f02d1c5e287779
SSDEEP

1536:2uu91TwSb2nth5csqQXb6HoTUdHN0QdH/:2uuDTwSb2tQsqwb6I4dtl9/

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:8808

10.59.25.45:8808

Mutex

KxaqMLMZrN62

Attributes

delay
3
install
true
install_file
Maple.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  gggg.exe
- Size
  
  52KB
- MD5
  
  fb6d592ff07d0e26a291b3e78c1ce139
- SHA1
  
  e5e82e613372b0795f8347ac643e954f0c514df2
- SHA256
  
  347586f7facf4ef5fcb456f6589d65cb3167a7fa4379740ff03b2c861d8cf364
- SHA512
  
  5db5797fcb1a6c2cbd2e2f4aaf2a5fd47f693116583596292531b73a36eabc8517ee7bc1d8cb5a999f45a5ca91152f0b3a810ec00ce35c8283f02d1c5e287779
- SSDEEP
  
  1536:2uu91TwSb2nth5csqQXb6HoTUdHN0QdH/:2uuDTwSb2tQsqwb6I4dtl9/
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat