asyncrat | b01aec687a8d5626d17066b1a38c6b54516ee163e2b24b18fbb005bb92452e44 | Triage

Sharing

General

Target

b01aec687a8d5626d17066b1a38c6b54516ee163e2b24b18fbb005bb92452e44
Size

48KB
Sample

250420-x3rrcsstbv
MD5

b88243d04fee9d12f5f0cc6be853feee
SHA1

9f631d44a4859cc4b04497c4de839d8fc5d058eb
SHA256

b01aec687a8d5626d17066b1a38c6b54516ee163e2b24b18fbb005bb92452e44
SHA512

d755b92c3b95aef8faa9cd36408f9c02d57332ad48f7ac8de1aa34f807a62c93c82ce48f98442feb5c4e8002dff7701485db3ad030b8be261eeadb18cf158dc9
SSDEEP

768:Ouir1TUEFSuWUoV3kmo2qzcVrqQcQPaqLnaPI5HoIur0bcSvt/fNSp7klTWi8xK+:Ouir1TUKP23yKj5HozgbcSvxsp7klTWv

Score

10^/10

asyncrat default discovery rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

3.25.125.234:4782

Mutex

n9S3XYaGvXp6

Attributes

delay
3
install
true
install_file
System.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  b01aec687a8d5626d17066b1a38c6b54516ee163e2b24b18fbb005bb92452e44
- Size
  
  48KB
- MD5
  
  b88243d04fee9d12f5f0cc6be853feee
- SHA1
  
  9f631d44a4859cc4b04497c4de839d8fc5d058eb
- SHA256
  
  b01aec687a8d5626d17066b1a38c6b54516ee163e2b24b18fbb005bb92452e44
- SHA512
  
  d755b92c3b95aef8faa9cd36408f9c02d57332ad48f7ac8de1aa34f807a62c93c82ce48f98442feb5c4e8002dff7701485db3ad030b8be261eeadb18cf158dc9
- SSDEEP
  
  768:Ouir1TUEFSuWUoV3kmo2qzcVrqQcQPaqLnaPI5HoIur0bcSvt/fNSp7klTWi8xK+:Ouir1TUKP23yKj5HozgbcSvxsp7klTWv
Score

10^/10

asyncrat default discovery rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

ratdefaultasyncrat

behavioral1

asyncratdefaultdiscoveryrat

behavioral2

asyncratdefaultdiscoveryrat