asyncrat | 0ffd5b54317e01a658684577fee5d5c5f53d5b2e105e7cf8c1cdfd9bd8fee780 | Triage

Sharing

General

Target

157a3f7a20b22e78c4d3f7ea88538ff7.exe
Size

88KB
Sample

250304-a7ma4svsfv
MD5

157a3f7a20b22e78c4d3f7ea88538ff7
SHA1

5289f49becfab4122f62ac5dc5f4ed4a6430d1e3
SHA256

0ffd5b54317e01a658684577fee5d5c5f53d5b2e105e7cf8c1cdfd9bd8fee780
SHA512

cd517f17d8253dfd8681fce97eaf5f591b8a7427cea2de132d68e1bc047227c287e9d5b11890e16503cf730d52c1117a5312b506ddcca4e223413f271f79f652
SSDEEP

1536:fMQTBX+ACkkNQDm4KWtVeZJmDKmVBo2wJhtycPPsahIP7fsLt/vO35T:fMuzFkeS47tgJeKmfoBJhNPsahIP7fsy

Score

10^/10

asyncrat 1 discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

1

C2

164.92.163.239:3898

Mutex

AbDUeHz1cUxL

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  157a3f7a20b22e78c4d3f7ea88538ff7.exe
- Size
  
  88KB
- MD5
  
  157a3f7a20b22e78c4d3f7ea88538ff7
- SHA1
  
  5289f49becfab4122f62ac5dc5f4ed4a6430d1e3
- SHA256
  
  0ffd5b54317e01a658684577fee5d5c5f53d5b2e105e7cf8c1cdfd9bd8fee780
- SHA512
  
  cd517f17d8253dfd8681fce97eaf5f591b8a7427cea2de132d68e1bc047227c287e9d5b11890e16503cf730d52c1117a5312b506ddcca4e223413f271f79f652
- SSDEEP
  
  1536:fMQTBX+ACkkNQDm4KWtVeZJmDKmVBo2wJhtycPPsahIP7fsLt/vO35T:fMuzFkeS47tgJeKmfoBJhNPsahIP7fsy
Score

10^/10

asyncrat 1 discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncrat1discoveryrat

behavioral2

asyncrat1discoveryrat