asyncrat | 782d0356109cd4bdbf0c69932dd6f753754a426927c26f7db60bff7344c46c1a | Triage

Sharing

General

Target

2024.12.31止尾款结算对账核对表xlsx.exe
Size

1.0MB
Sample

250112-n2vxystmfm
MD5

33961801df7df4040fb2282d6103286c
SHA1

1c0b29fa3a333974788a71c896e30f38e2bf3769
SHA256

782d0356109cd4bdbf0c69932dd6f753754a426927c26f7db60bff7344c46c1a
SHA512

0d7a73ff1312de597fc71d3d5d0dda34e326ad2268a762695487547361a734568f21f1d0856dd9a502b704a9d5caa7ebc547baa329dc0f906ec003ca23dbd44a
SSDEEP

24576:CMjhKbkkc7tiPbWJF9WUqMFWsRvtciqgQRgOD39wKX:RI4kOtiTQWU4SciuRgC9T

Score

10^/10

asyncrat default discovery execution rat

Malware Config

Extracted

Family

asyncrat

Version

v1.2.2

Botnet

Default

C2

27.124.6.137:13651

Mutex

oayguxqwqnan

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2024.12.31止尾款结算对账核对表xlsx.exe
- Size
  
  1.0MB
- MD5
  
  33961801df7df4040fb2282d6103286c
- SHA1
  
  1c0b29fa3a333974788a71c896e30f38e2bf3769
- SHA256
  
  782d0356109cd4bdbf0c69932dd6f753754a426927c26f7db60bff7344c46c1a
- SHA512
  
  0d7a73ff1312de597fc71d3d5d0dda34e326ad2268a762695487547361a734568f21f1d0856dd9a502b704a9d5caa7ebc547baa329dc0f906ec003ca23dbd44a
- SSDEEP
  
  24576:CMjhKbkkc7tiPbWJF9WUqMFWsRvtciqgQRgOD39wKX:RI4kOtiTQWU4SciuRgC9T
Score

10^/10

discovery asyncrat default execution rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Command and Scripting Interpreter: PowerShell
  Run Powershell to execute payload.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

asyncratdefaultdiscoveryexecutionrat