asyncrat | f98a607f7aed8a5dd5950711a576fede3326857b4254de991abaf9a70e77be7b | Triage

Sharing

General

Target

a7f9f165cd238ccbe2ca5803fcd3209d.exe
Size

162KB
Sample

250109-aj4v9askgr
MD5

a7f9f165cd238ccbe2ca5803fcd3209d
SHA1

1c145bc3fa28fa807d3c831de524b5806e0de334
SHA256

f98a607f7aed8a5dd5950711a576fede3326857b4254de991abaf9a70e77be7b
SHA512

f352947e7e3f9fd7157539c2890ffbfce6a933af4df047e47661c7be8e66afe7ba994910174641915c1ff6626fbaa897c020f662ac723bc8606cd0100a613ed7
SSDEEP

3072:OHUWEdcWRJy1kI4E/BaSv9krW5xpvp4mKawJ1X3zsIW0sk0Y1:OHUWEdcWRYcEUS7pviIAs19

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

144.91.79.54:32769

Mutex

E9IiT5JzUivo

Attributes

delay
3
install
false
install_file
TestFile.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  a7f9f165cd238ccbe2ca5803fcd3209d.exe
- Size
  
  162KB
- MD5
  
  a7f9f165cd238ccbe2ca5803fcd3209d
- SHA1
  
  1c145bc3fa28fa807d3c831de524b5806e0de334
- SHA256
  
  f98a607f7aed8a5dd5950711a576fede3326857b4254de991abaf9a70e77be7b
- SHA512
  
  f352947e7e3f9fd7157539c2890ffbfce6a933af4df047e47661c7be8e66afe7ba994910174641915c1ff6626fbaa897c020f662ac723bc8606cd0100a613ed7
- SSDEEP
  
  3072:OHUWEdcWRJy1kI4E/BaSv9krW5xpvp4mKawJ1X3zsIW0sk0Y1:OHUWEdcWRYcEUS7pviIAs19
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Drops startup file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat