asyncrat | e5bcb2a1cdf6cab62da5b7c8e8d78c25acb5627be5028fd5499df561fd4f24df | Triage

Sharing

General

Target

436B2F74CD97649E20CED1DC65FB0B95.exe
Size

992KB
Sample

241231-yks25synap
MD5

436b2f74cd97649e20ced1dc65fb0b95
SHA1

f96367071a2f3aa91a6c82968d542c80e670f1fe
SHA256

e5bcb2a1cdf6cab62da5b7c8e8d78c25acb5627be5028fd5499df561fd4f24df
SHA512

5535daf34f0e8d19f95ebf084fdfcf63f3e56f7dc8c562ca2b38212f8b3ad697e250a98d389722f673621201ff29e31c039b1a8e38504c55890993b38e734937
SSDEEP

24576:hN/BUBb+tYjBFHL68/C6SnugzXiM0hD6di/AD:jpUlRhT/5OXiM0hDTc

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

| Edit by Vinom Rat

Botnet

Default

C2

195.26.255.81:6606

195.26.255.81:7707

195.26.255.81:8808

195.26.255.81:0077

195.26.255.81:1996

195.26.255.81:2106

195.26.255.81:7777

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  436B2F74CD97649E20CED1DC65FB0B95.exe
- Size
  
  992KB
- MD5
  
  436b2f74cd97649e20ced1dc65fb0b95
- SHA1
  
  f96367071a2f3aa91a6c82968d542c80e670f1fe
- SHA256
  
  e5bcb2a1cdf6cab62da5b7c8e8d78c25acb5627be5028fd5499df561fd4f24df
- SHA512
  
  5535daf34f0e8d19f95ebf084fdfcf63f3e56f7dc8c562ca2b38212f8b3ad697e250a98d389722f673621201ff29e31c039b1a8e38504c55890993b38e734937
- SSDEEP
  
  24576:hN/BUBb+tYjBFHL68/C6SnugzXiM0hD6di/AD:jpUlRhT/5OXiM0hDTc
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat