asyncrat | d59adb5bf6e39573c7a302b4f91c9daec8d50dda97198f58d210e9358f499a64 | Triage

Sharing

General

Target

Radicado_Legal.N°001982913812-81281312-66523.tar
Size

1017KB
Sample

250122-za7m8avnep
MD5

d52f419bdb15a4c2167deedc8c5447fa
SHA1

702553b0fa2eeb6721e009c74dcc1472b6212ead
SHA256

d59adb5bf6e39573c7a302b4f91c9daec8d50dda97198f58d210e9358f499a64
SHA512

c02037f3857a04f4061283ab8747efb0569cf9e63e1e86fcb302da39d0a029a89840e232f5008df87da9b50fe9e65832dbaca71028b79fcdf00385d31283eb70
SSDEEP

24576:Api39bokSeyY4+luISo861pR5XVqaQtAVpekc+uz17LH4p/VLa:ApixoCuK861pRGaQt2eN+g774p/pa

Score

10^/10

asyncrat dominios-iva-22 discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

DOMINIOS-IVA-22

C2

pctrabajonuevo2.casacam.net:8849

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  Radicado_Legal.N°001982913812-81281312-66523.tar
- Size
  
  1017KB
- MD5
  
  d52f419bdb15a4c2167deedc8c5447fa
- SHA1
  
  702553b0fa2eeb6721e009c74dcc1472b6212ead
- SHA256
  
  d59adb5bf6e39573c7a302b4f91c9daec8d50dda97198f58d210e9358f499a64
- SHA512
  
  c02037f3857a04f4061283ab8747efb0569cf9e63e1e86fcb302da39d0a029a89840e232f5008df87da9b50fe9e65832dbaca71028b79fcdf00385d31283eb70
- SSDEEP
  
  24576:Api39bokSeyY4+luISo861pR5XVqaQtAVpekc+uz17LH4p/VLa:ApixoCuK861pRGaQt2eN+g774p/pa
Score

10^/10

asyncrat dominios-iva-22 discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdominios-iva-22discoverypersistencerat