asyncrat | c93e91208da32c2d53feb734663f4260494d016f9e505551449105e91e85bb09 | Triage

Sharing

General

Target

Sonoyuncu client tr v1.0.0.exe
Size

253KB
Sample

250111-mgawlsyphq
MD5

006cf9ecda1c06de525937b3177217cb
SHA1

b997841645e4194e79ba65a138052c6d31ef901b
SHA256

c93e91208da32c2d53feb734663f4260494d016f9e505551449105e91e85bb09
SHA512

33dfffcb3d706b810883d757e79430ce8998acb4bf9c0a7d78486517a5375527a3fa83d8605ff228f7ca38349114330301e89b99e68d73a9558ecace34fe6575
SSDEEP

3072:Lu/aTUP/2ufHNbx2lUkNcy/pq3canAwKcVkMfHlgCkh:Lu/hOYtbEUkP/pq3c+AjcVlfFDG

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Sonoyuncu client tr v1.0.0.exe
- Size
  
  253KB
- MD5
  
  006cf9ecda1c06de525937b3177217cb
- SHA1
  
  b997841645e4194e79ba65a138052c6d31ef901b
- SHA256
  
  c93e91208da32c2d53feb734663f4260494d016f9e505551449105e91e85bb09
- SHA512
  
  33dfffcb3d706b810883d757e79430ce8998acb4bf9c0a7d78486517a5375527a3fa83d8605ff228f7ca38349114330301e89b99e68d73a9558ecace34fe6575
- SSDEEP
  
  3072:Lu/aTUP/2ufHNbx2lUkNcy/pq3canAwKcVkMfHlgCkh:Lu/hOYtbEUkP/pq3c+AjcVlfFDG
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat