This article provides valuable Indicators of Compromise (IoCs) associated with AsyncRAT, including two files (a .txt and a .jpg file) that were downloaded from another server over port 222 immediately prior to the establishment of the connection to the C2 server (see Image 8 below, highlighted in red). Today’s Malware of the Day investigation focuses on AsyncRAT, a fairly simple, open-source framework written in C# that has been implicated in numerous compromises in the last few months.
Disclaimer: This article is part of X-Force OSINT Advisories automated collection to enable faster integration of open-source articles to client environments. All credit and copyright goes to the original authors.
Reference:
https://www.activecountermeasures.com/malware-of-the-day-asyncrat/
Sample Indicators of Compromise:
d844fc691a40c7eedbcc4775e4760e12a6a25a1c93602acacfc0b9a84c55068d
179908cdf5848725084d0ae696bc7196953ca8e12e0837e764067f88420b5e08
172.208.51.75
20.54.24.69
40dd6dfdcc31b81a66b7d54402f039d2e16092354c14aa350dfdfaaceacffdcc