asyncrat | aab63d73293024e2c135e11929702e1fd5c2497f5885f26e5a6dc6e6409c91d1 | Triage

Sharing

General

Target

aab63d73293024e2c135e11929702e1fd5c2497f5885f26e5a6dc6e6409c91d1.exe
Size

1000KB
Sample

250110-db116szjdv
MD5

4fc60bc5d5efe63f44146bf1f1bece0d
SHA1

b6dfd1478a58caca13ed041995840ea0250cff3e
SHA256

aab63d73293024e2c135e11929702e1fd5c2497f5885f26e5a6dc6e6409c91d1
SHA512

c90a18d004bb03b3d3efddff4c5c60448d4aa9a50f33e8a23e93ac282e927f7f70c788c19982fb5642218baa1a6b04cb2852d447aee767f32e7fa7cf6a7db6ef
SSDEEP

24576:6qDEvCTbMWu7rQYlBQcBiT6rprG8a8hXks:6TvC/MTQYxsWR7a8

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

69.174.100.131:6606

Mutex

abkZfsCYRZhk

Attributes

delay
10
install
false
install_file
order.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  aab63d73293024e2c135e11929702e1fd5c2497f5885f26e5a6dc6e6409c91d1.exe
- Size
  
  1000KB
- MD5
  
  4fc60bc5d5efe63f44146bf1f1bece0d
- SHA1
  
  b6dfd1478a58caca13ed041995840ea0250cff3e
- SHA256
  
  aab63d73293024e2c135e11929702e1fd5c2497f5885f26e5a6dc6e6409c91d1
- SHA512
  
  c90a18d004bb03b3d3efddff4c5c60448d4aa9a50f33e8a23e93ac282e927f7f70c788c19982fb5642218baa1a6b04cb2852d447aee767f32e7fa7cf6a7db6ef
- SSDEEP
  
  24576:6qDEvCTbMWu7rQYlBQcBiT6rprG8a8hXks:6TvC/MTQYxsWR7a8
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat