asyncrat | 74400fe04cee9d73c57f1a3705f7b1cb492aa6ca4dabf5a00cf9d28ad77be4b3 | Triage

Sharing

General

Target

JaffaCakes118_74400fe04cee9d73c57f1a3705f7b1cb492aa6ca4dabf5a00cf9d28ad77be4b3
Size

23KB
Sample

241230-bh5ltsspav
MD5

cb192857a8c2e9fc8224a100c1096234
SHA1

61ddac5232e6ee5e93fb204d0b238a56efac8d1a
SHA256

74400fe04cee9d73c57f1a3705f7b1cb492aa6ca4dabf5a00cf9d28ad77be4b3
SHA512

3b3d68b2aa9a3e49b39ad7e0ec2c1be125cd82fbbb2a3dab7ffca82902943a95768f217b31f0f9ed78e5885628faef1443734b1626ba386ec54accab86343995
SSDEEP

384:fTo6a9gKHRn0dbPH+3YeBNp2Y2bqU68vJXhBWuwZ7U7AEVqhFwCi:M6aPHpmbyBN70zR6U7AE4wf

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/RD1LMR62

aes.plain

Targets

- Target
  
  a60b72fdfc78af08de190ff77f29d4b9beb42eb1fd0572b75360aee41b23e5fa
- Size
  
  47KB
- MD5
  
  e71593e2fc83fa8c47af5ec8ff54b746
- SHA1
  
  fae2ee3c585a7a0f5d7f0d750572d16f28d0b33a
- SHA256
  
  a60b72fdfc78af08de190ff77f29d4b9beb42eb1fd0572b75360aee41b23e5fa
- SHA512
  
  0f8c58de9943211242bcf8d8fcdec05dac6e3460048d652944425862a0cfd7c6a1e25f8f4683c55980f1d32f96eb44ccb7b2c5d6b7ca41db563a3c0959ef3696
- SSDEEP
  
  768:p96mxUTILWCaS+DiMtelDSN+iV08Ybygezc2BkXkRSvEgK/JnZVc6KN:p96AKWMtKDs4zb1Wc3kcnkJnZVclN
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat

behavioral2

asyncratdefaultrat