asyncrat | 2f5639932c7a25cf51737748cdc495367a9203e0a963f930f0009935109da190 | Triage

Submit
Reports

Overview

overview

Static

static

astro-grep...xe.doc

windows7_x64

astro-grep...xe.doc

windows10_x64

Sharing

General

Target

astro-grep-setup.exe.doc
Size

1.4MB
Sample

210717-zwpczbp9h6
MD5

9c3d3679ea84ff9bf67bf8c7aa2afc48
SHA1

0470d616e8918ef03098741bf7fb0b313bb8aaea
SHA256

2f5639932c7a25cf51737748cdc495367a9203e0a963f930f0009935109da190
SHA512

6896ad9abbbaa7760825d40086270f649a82a1291798173764e20deb7a5ef7a2f4070e247f27210f77341d70b6ed7215fa72a1711210610b428fcce39006af53

Score

10^/10

asyncrat rat

Static task

static1

Behavioral task

behavioral1

Sample

astro-grep-setup.exe.doc

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

astro-grep-setup.exe.doc

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

null:null

Mutex

Mutex_6SI8OkPnk

Attributes

aes_key
ZgOTIhSVzSTSosv4ITYrzailHXWOHyEM
anti_detection
true
autorun
true
bdos
false
delay
SWARM-SHOP
host
null
hwid
20
install_file
install_folder
%AppData%
mutex
Mutex_6SI8OkPnk
pastebin_config
https://pastebin.com/raw/VTByvKGM
port
null
version
0.5.7B

aes.plain

Targets

- Target
  
  astro-grep-setup.exe.doc
- Size
  
  1.4MB
- MD5
  
  9c3d3679ea84ff9bf67bf8c7aa2afc48
- SHA1
  
  0470d616e8918ef03098741bf7fb0b313bb8aaea
- SHA256
  
  2f5639932c7a25cf51737748cdc495367a9203e0a963f930f0009935109da190
- SHA512
  
  6896ad9abbbaa7760825d40086270f649a82a1291798173764e20deb7a5ef7a2f4070e247f27210f77341d70b6ed7215fa72a1711210610b428fcce39006af53
Score

10^/10

asyncrat rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy