asyncrat | c532dffccaa13b30ba6914b502c06fbd1529fd708180414a0c2a9e240b990fa8 | Triage

Sharing

General

Target

ClientProtect.exe
Size

90KB
Sample

250115-bg5kfavqhv
MD5

87b632eeb9f95084c21d2c77e3471354
SHA1

33496b79e24bb34e138ce2b137092e6420f074c8
SHA256

c532dffccaa13b30ba6914b502c06fbd1529fd708180414a0c2a9e240b990fa8
SHA512

1fb7dab048ba9c9163adf73f7fdac20aa863f110530f1c19aeace5fe104b8a1391f847bc9721b6d42be9e88603594ce074927dcc1ac4126a809ba3ce5078dc33
SSDEEP

768:0j9DILA+Es+bigykmiMo8Yb3ge6tEqvEgK/JkQIPVc6KN:0jDUgy8zbQrnkJkQIPVclN

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

Mutex

DcRatMutex_zzss

Attributes

delay
1
install
true
install_file
Inject.exe
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/4F8hYdd7

aes.plain

Targets

- Target
  
  ClientProtect.exe
- Size
  
  90KB
- MD5
  
  87b632eeb9f95084c21d2c77e3471354
- SHA1
  
  33496b79e24bb34e138ce2b137092e6420f074c8
- SHA256
  
  c532dffccaa13b30ba6914b502c06fbd1529fd708180414a0c2a9e240b990fa8
- SHA512
  
  1fb7dab048ba9c9163adf73f7fdac20aa863f110530f1c19aeace5fe104b8a1391f847bc9721b6d42be9e88603594ce074927dcc1ac4126a809ba3ce5078dc33
- SSDEEP
  
  768:0j9DILA+Es+bigykmiMo8Yb3ge6tEqvEgK/JkQIPVc6KN:0jDUgy8zbQrnkJkQIPVclN
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultrat