A naukri.com initiative
Cybersecurity-Insiders
2M
381
Image Credit: Cybersecurity-Insiders
AsyncRAT’s Infection Tactics via Open Directories: Technical Analysis
- ANY.RUN has released a technical analysis authored by RacWatchin8872 documenting new infection tactics used in multi-stage attacks involving AsyncRAT.
- AsyncRAT is a Remote Access Trojan (RAT) malware used for spying, data theft, and compromised system manipulation.
- Two open directories using unique methods were discovered distributing and infecting victims with AsyncRAT.
- First technique involved several file and script types including VBS, JPG, BAT and PowerShell to complete the infection process
- Second technique had two stages; involving a VBS and PowerShell script to ensure the infection persists with a scheduled task
- Indicators of compromise are provided to identify and detected AsyncRAT
- The report highlights the persistent threat posed by this malware and its diverse infection strategies.
- The investigation uncovered two IPs actively spreading AsyncRAT through different methods.
- ANY.RUN reports can be used for free to gather more information about the command and control (C2) infrastructure.
- The analysis provides insight into the techniques employed by attackers in the never-ending arms race for cyber control.
Read Full Article
22 Likes
For uninterrupted reading, download the app