asyncrat | da053d2b374fb1eed1c790240aa69223feac8890a2499d57cf2be651b199b839 | Triage

Sharing

General

Target

Optimizer.exe
Size

141KB
Sample

250105-r75k5axlcs
MD5

08b7e95717e559eba913a4af26a893ab
SHA1

57ebdc63ea7b4773a34be646ec3d1f0862881ff9
SHA256

da053d2b374fb1eed1c790240aa69223feac8890a2499d57cf2be651b199b839
SHA512

338a1135b93ad0b98f77737ebd9c31b52cab99e598bdc9553dc29ffc6177014da3464b8c8980de2a99336903a2671d1a8b61d87471386dd5a361f89793f49caa
SSDEEP

3072:7hK4Uay3XrQ8habqgp9pC9Z6p5uf3C6k0xuZ04ntfxqhBuCgM:7hK4XycqgpfCup5sVxuZ04ihAO

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

win-five.gl.at.ply.gg:62867

Mutex

wSVzarUq9UtI

Attributes

delay
3
install
true
install_file
RuntimeBroker.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Optimizer.exe
- Size
  
  141KB
- MD5
  
  08b7e95717e559eba913a4af26a893ab
- SHA1
  
  57ebdc63ea7b4773a34be646ec3d1f0862881ff9
- SHA256
  
  da053d2b374fb1eed1c790240aa69223feac8890a2499d57cf2be651b199b839
- SHA512
  
  338a1135b93ad0b98f77737ebd9c31b52cab99e598bdc9553dc29ffc6177014da3464b8c8980de2a99336903a2671d1a8b61d87471386dd5a361f89793f49caa
- SSDEEP
  
  3072:7hK4Uay3XrQ8habqgp9pC9Z6p5uf3C6k0xuZ04ntfxqhBuCgM:7hK4XycqgpfCup5sVxuZ04ihAO
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat