asyncrat

General

Target

JaffaCakes118_cd1e40dd11cb7eb2dad6cef5e5f40f7f536cae0d0216a7914f1eea725d707758
Size

34KB
Sample

241229-jgn7fswphx
MD5

4f7b25771a26e57b9621fa2cca30d62e
SHA1

52ee7691b2c61fe4739496899a3a6532de64e12d
SHA256

cd1e40dd11cb7eb2dad6cef5e5f40f7f536cae0d0216a7914f1eea725d707758
SHA512

a02cd3210fc9eeb2654cb443575fdfd137af71fdd0c9f46569deb2077430c8e9c5e98fc4c6fe7b9a3b3cad05e6666d631abc3f2190a29ad37e2098776a70d3d6
SSDEEP

768:rlXcLfJ+cvh6Lg0wRRNB5iF3SjTiwEFxtdylvPR:rlXcLxZqg0YbENSj+FxvylvPR

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

churchmon.ddns.net:6606

churchmon.ddns.net:7707

churchmon.ddns.net:8808

churchmon21.ddns.net:6606

churchmon21.ddns.net:7707

churchmon21.ddns.net:8808

churchmon22.ddns.net:6606

churchmon22.ddns.net:7707

churchmon22.ddns.net:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34.bat
- Size
  
  48KB
- MD5
  
  83875df1ddf8a47531e763f5bc140691
- SHA1
  
  8d1bc0c5bceedd229b8faaf6542779726188b145
- SHA256
  
  a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34
- SHA512
  
  e19c020f4fe1922a4adef3dd50851514a99852b7eefa9b74e6e954f941349a60589e171a618423d0029e8d3e8568536026a1012586a74daa4d19a1ebabb701a7
- SSDEEP
  
  768:xZZOUUP++sgCpDgSE2WPENq+qrD/PESqitk3Spn1eqy1nUNamt:m+qCNgNgqdj1qitvl
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Asyncrat family

Async RAT payload

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2