Analysis of AsyncRAT's Infection Tactics via Open Directories

This analysis explores two distinct methods used to infect systems with AsyncRAT through open directories. The first technique involves a multi-stage process using various obfuscated scripts (VBS, BAT, PowerShell) and disguised files to download and execute the AsyncRAT payload. The second method employs a simpler two-stage approach, utilizing a VBS script and a disguised PowerShell script to create files and set up a scheduled task for persistent infection. Both techniques demonstrate the adaptability of attackers in using publicly accessible files to spread AsyncRAT, a Remote Access Trojan designed for system infiltration and remote control.

Author: AlienVault

Related Tags: bat, multi-stage infection, scheduled tasks, T1059.005, T1053.005, Obfuscation, remote access trojan, T1204.002, T1059.001

Associated Indicators: