asyncrat | 71da2290624e7c3bb9490b64476d73317285f2df352faf649216f1270cff8485 | Triage

Sharing

General

Target

JaffaCakes118_97e7a7c29036a23e9946547b870408ce
Size

617KB
Sample

250108-k8rx4atmc1
MD5

97e7a7c29036a23e9946547b870408ce
SHA1

d6b5691c5a54c0f9045fc0f831a331e046392d20
SHA256

71da2290624e7c3bb9490b64476d73317285f2df352faf649216f1270cff8485
SHA512

24bf2264a7fe8aa7e8b7dadfd44d254032c17e71aeee1361d2444fe37eaf4759b7f3d740e96fa2ed6067884e9a5b57f795a42a2df99e91c26b4a0b4cdb38cc01
SSDEEP

6144:dC4w8juap56y9dg4sIo9ZCf6YRZDYnDSb+Ox72aR914w6Fs2gVKiEgNaratgMf:Ynapvg4sz9dYRZsDy+M70sdpEmar3Mf

Score

10^/10

asyncrat 1 discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

1

C2

185.157.160.136:1973

Mutex

df4Rtg34dFjwr7ujp3

Attributes

delay
38
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  JaffaCakes118_97e7a7c29036a23e9946547b870408ce
- Size
  
  617KB
- MD5
  
  97e7a7c29036a23e9946547b870408ce
- SHA1
  
  d6b5691c5a54c0f9045fc0f831a331e046392d20
- SHA256
  
  71da2290624e7c3bb9490b64476d73317285f2df352faf649216f1270cff8485
- SHA512
  
  24bf2264a7fe8aa7e8b7dadfd44d254032c17e71aeee1361d2444fe37eaf4759b7f3d740e96fa2ed6067884e9a5b57f795a42a2df99e91c26b4a0b4cdb38cc01
- SSDEEP
  
  6144:dC4w8juap56y9dg4sIo9ZCf6YRZDYnDSb+Ox72aR914w6Fs2gVKiEgNaratgMf:Ynapvg4sz9dYRZsDy+M70sdpEmar3Mf
Score

10^/10

asyncrat 1 discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncrat1discoverypersistencerat

behavioral2

asyncrat1discoverypersistencerat