Overview

overview

10

Static

static

10

async_modi...AT.exe

windows10-2004-x64

7

async_modi...AT.exe

windows11-21h2-x64

7

async_modi...UI.exe

windows10-2004-x64

3

async_modi...UI.exe

windows11-21h2-x64

3

async_modi...ub.exe

windows10-2004-x64

10

async_modi...ub.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    async_modified.zip

  • Size

    24.9MB

  • Sample

    250421-3mq3sa1qw6

  • MD5

    c0e2ffb5a48d670626703e98b9bb698c

  • SHA1

    04ea1634e13ee426a5acd68df9c1fd61d047b6ad

  • SHA256

    70cd9019f18968888f2c4d228d7f029ea9cac2309eaefe1acef6b4ab172d8dfd

  • SHA512

    8d9f356dcb8f24584b2a59a6a6b76a1101554432faf5c8a62ccdec9c3b96241b636ed6717c9b0372e08abee4c5acc24e5fd638ed8151bd5f62815c953ff66f22

  • SSDEEP

    786432:Z3B7Da83uoVhMUGrbFiuR85VaAIwsdzl0tu/MWUwNG1:ZR7DaOuoVhMUGrbszIws1/5Y

Score
10/10
asyncratdiscoveryrat

Malware Config

Targets

    • Target

      async_modified/AsyncRAT.exe

    • Size

      6.1MB

    • MD5

      2e22d85e49e70fdcb2b516fc2431ed52

    • SHA1

      dd3384e996b35c7a4f97696246b12d11d400f595

    • SHA256

      9588fa3988ffa70c288f0566fffe1e219c0936d5af6dce5ec8b9e1b5161331bc

    • SHA512

      27a81170f25e5f2bb2222669e00b9fc267a15b7b2a51143cec7d4af1475bed145fedeede038d82bf2d7bc197e8caba2a54ebeca741ed3d7d7d231f1c4374d6ae

    • SSDEEP

      196608:mxeAwpZllbJwIwOA3x/6txY0h1L4EB3zDG1w:nZllnwXcth1kWjOw

    Score
    7/10

    • .NET Reactor proctector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    behavioral1behavioral2

    • Target

      async_modified/BackProxyUI.exe

    • Size

      231KB

    • MD5

      523fd9f653ad3259189fa7640d77fb16

    • SHA1

      708a7221b4bddd0baf8038652747db9bf27c373d

    • SHA256

      06e55e12b507868b63e615e92820dbbd947b14ccf9de521b24aee2b61e7fa6ce

    • SHA512

      b5e5915ff3f34dd695cc99e824845394e7babb9fbde14be7a571ecbf445c5dd1c71721be9542546d09d48175befe3c894d094e015f62cedf2179642c3163016d

    • SSDEEP

      768:Es8veUXnDGOaUppAHdVnEcxV+w4ITc79O/DGOaUppAHdVnEcxV+w4Ihc77U7:R8hDGOtmHTR49GDGOtmHTR4LM

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      async_modified/Stub/Stub.exe

    • Size

      56KB

    • MD5

      a2be73c9c4bf4d2c036975dd29f244fa

    • SHA1

      a20981316a61abed40e5f186fc5b9660d004c099

    • SHA256

      e78f5016a28e9269c232f8c2b839141aaeed82c2932cd3d3e656857a2a5b2887

    • SHA512

      6f22d111f905d97c0c36e3cb778607845100e083813cd1e359c71ef33463e950f84253537f7ea0a0d9ccdc91e24cf80c668397b496e90749524d1e48d7c245c5

    • SSDEEP

      768:t36mueAgkwnGjM2DMk0ExDW++EXVDR54gL8ra/dqInj22waHtav/LrwQpgQ:tKmuFgBntkc++EXVl54s8ry8IdIxgQ

    Score
    10/10
    asyncratdiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat
    behavioral5behavioral6

MITRE ATT&CK Enterprise v16

Tasks