asyncrat | dc56e5df5c580fe7a54f5da41518712ddc001b4aeed229bf9add3f4ed9732416 | Triage

Sharing

General

Target

2025-01-30_aa8e460de6485d0f5fe7bee87eab208e_icedid_luca-stealer
Size

3.4MB
Sample

250130-1allesvpgq
MD5

aa8e460de6485d0f5fe7bee87eab208e
SHA1

db53b87503cc1b45d87095d3bfb462a23f9061c0
SHA256

dc56e5df5c580fe7a54f5da41518712ddc001b4aeed229bf9add3f4ed9732416
SHA512

9cb5cc05afd11d3d42a0be34f4933dce9dae7961dd7c9b437b9a4ba2e73b711d7973f2a4c276a417f8a102ff5d66bbf0741c3ee432f6eb09850b003068b7f35c
SSDEEP

98304:MNUI/8Du7EEKHvWqtxbwhwAjyKwmtv7r57dNSeJ:MNUK7nKHvjzQbyKwmd7F7LS8

Score

10^/10

asyncrat fenix discovery persistence rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

FENIX

C2

85.31.47.59:8848

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2025-01-30_aa8e460de6485d0f5fe7bee87eab208e_icedid_luca-stealer
- Size
  
  3.4MB
- MD5
  
  aa8e460de6485d0f5fe7bee87eab208e
- SHA1
  
  db53b87503cc1b45d87095d3bfb462a23f9061c0
- SHA256
  
  dc56e5df5c580fe7a54f5da41518712ddc001b4aeed229bf9add3f4ed9732416
- SHA512
  
  9cb5cc05afd11d3d42a0be34f4933dce9dae7961dd7c9b437b9a4ba2e73b711d7973f2a4c276a417f8a102ff5d66bbf0741c3ee432f6eb09850b003068b7f35c
- SSDEEP
  
  98304:MNUI/8Du7EEKHvWqtxbwhwAjyKwmtv7r57dNSeJ:MNUK7nKHvjzQbyKwmd7F7LS8
Score

10^/10

asyncrat fenix discovery persistence rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratfenixdiscoverypersistencerat

behavioral2

asyncratfenixdiscoverypersistencerat