asyncrat | 014dba300f314de1c296005e39b4263d50ff032b7eebea2353b2285c90f891ed | Triage

Sharing

General

Target

014dba300f314de1c296005e39b4263d50ff032b7eebea2353b2285c90f891ed
Size

798KB
Sample

250330-j632xawpt4
MD5

0997e0d8d2828ad4da27e830fd6562d3
SHA1

ddcb9cb2462b6f7b2a688a7696e49164a1d40d44
SHA256

014dba300f314de1c296005e39b4263d50ff032b7eebea2353b2285c90f891ed
SHA512

4e356cef6d1d50d1d7ab249177703d06f6a34c0b37405e00c47d850aeac782a6fd0562daed815df05659ff16b81698cd6a11a034dc3b599f019d778cf67191ef
SSDEEP

12288:AyveQB/fTHIGaPkKEYzURNAwbAgWtJZLGxDUeYnqaGsSGo0/O6nG:AuDXTIGaPhEYzUzA0ASxA/qnsO6nG

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

opakk.hopto.org:34397

Mutex

AkzHMC1tjq5U

Attributes

delay
3
install
true
install_file
WUDFHost.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  014dba300f314de1c296005e39b4263d50ff032b7eebea2353b2285c90f891ed
- Size
  
  798KB
- MD5
  
  0997e0d8d2828ad4da27e830fd6562d3
- SHA1
  
  ddcb9cb2462b6f7b2a688a7696e49164a1d40d44
- SHA256
  
  014dba300f314de1c296005e39b4263d50ff032b7eebea2353b2285c90f891ed
- SHA512
  
  4e356cef6d1d50d1d7ab249177703d06f6a34c0b37405e00c47d850aeac782a6fd0562daed815df05659ff16b81698cd6a11a034dc3b599f019d778cf67191ef
- SSDEEP
  
  12288:AyveQB/fTHIGaPkKEYzURNAwbAgWtJZLGxDUeYnqaGsSGo0/O6nG:AuDXTIGaPhEYzUzA0ASxA/qnsO6nG
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat