asyncrat | 0a60b0b06e2a75d029013ccd83601fd23779f13f73d65aca5ea12eeab5277ce8 | Triage

Sharing

General

Target

JaffaCakes118_0a60b0b06e2a75d029013ccd83601fd23779f13f73d65aca5ea12eeab5277ce8
Size

659KB
Sample

241230-bxfk9atldj
MD5

3d21fb89e34232f14e163d126859187a
SHA1

39fa8b98ab3eff5683f5e8fadc5bfdfb40d8e8d2
SHA256

0a60b0b06e2a75d029013ccd83601fd23779f13f73d65aca5ea12eeab5277ce8
SHA512

9ef24c1f9937095d064eb1483a6b8b9ff3e548f8fd9e67366571c6342d0f187d400cf80ba656d4c4a1bb143403ac76e3f1bd369125e1cb8675fffde78db6bce9
SSDEEP

1536:/PTHAVihnRaut733pgszxDMJrLQcGbT0GB409VbeJCquiZ2Xsk3tnhnwlAVaIciU:i

Score

10^/10

asyncrat 15-03-2022 discovery execution rat

Malware Config

Extracted

Family

asyncrat

Version

2022 | Edit 3LOSH RAT

Botnet

15-03-2022

C2

185.81.157.7:5523

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  JaffaCakes118_0a60b0b06e2a75d029013ccd83601fd23779f13f73d65aca5ea12eeab5277ce8
- Size
  
  659KB
- MD5
  
  3d21fb89e34232f14e163d126859187a
- SHA1
  
  39fa8b98ab3eff5683f5e8fadc5bfdfb40d8e8d2
- SHA256
  
  0a60b0b06e2a75d029013ccd83601fd23779f13f73d65aca5ea12eeab5277ce8
- SHA512
  
  9ef24c1f9937095d064eb1483a6b8b9ff3e548f8fd9e67366571c6342d0f187d400cf80ba656d4c4a1bb143403ac76e3f1bd369125e1cb8675fffde78db6bce9
- SSDEEP
  
  1536:/PTHAVihnRaut733pgszxDMJrLQcGbT0GB409VbeJCquiZ2Xsk3tnhnwlAVaIciU:i
Score

10^/10

execution asyncrat 15-03-2022 discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncrat15-03-2022discoveryexecutionrat