asyncrat | 18c6fe91e164ec7b80b848fd174b41959328714691ba47acfa5e35d4a0f6c077 | Triage

Sharing

General

Target

2025-01-24_5697eb836db41ea76958c98e2e837660_avoslocker_luca-stealer
Size

3.0MB
Sample

250124-t7r15sxngx
MD5

5697eb836db41ea76958c98e2e837660
SHA1

758d3c028faaf023c28890f3c4a68cdbce5159e3
SHA256

18c6fe91e164ec7b80b848fd174b41959328714691ba47acfa5e35d4a0f6c077
SHA512

0c32c612ba897466631e3d888de8c832388e4648f63ffd77797ecbc7534762ddbac79508741b4f057bc3a5b210448e73f1377298ceac328e2b1be1af5fc1c217
SSDEEP

49152:eKKe1YeEAYOW1+M5A8SCElZSVB2YB3C3p+svqiaMB6C3:TKsW1+M5NSCElMjCeC

Score

10^/10

asyncrat jack-new21 discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

JACK-NEW21

C2

pctrabajonuevo2.casacam.net:8849

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2025-01-24_5697eb836db41ea76958c98e2e837660_avoslocker_luca-stealer
- Size
  
  3.0MB
- MD5
  
  5697eb836db41ea76958c98e2e837660
- SHA1
  
  758d3c028faaf023c28890f3c4a68cdbce5159e3
- SHA256
  
  18c6fe91e164ec7b80b848fd174b41959328714691ba47acfa5e35d4a0f6c077
- SHA512
  
  0c32c612ba897466631e3d888de8c832388e4648f63ffd77797ecbc7534762ddbac79508741b4f057bc3a5b210448e73f1377298ceac328e2b1be1af5fc1c217
- SSDEEP
  
  49152:eKKe1YeEAYOW1+M5A8SCElZSVB2YB3C3p+svqiaMB6C3:TKsW1+M5NSCElMjCeC
Score

10^/10

asyncrat jack-new21 discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratjack-new21discoverypersistencerat

behavioral2

asyncratjack-new21discoverypersistencerat