Wednesday 2 April 2025 10:42 GMT

ANY.RUN Shares Analysis Of AsyncRAT's Infection Tactics Via Open Directories


(MENAFN- EIN Presswire)

DUBAI, DUBAI, UNITED ARAB EMIRATES, November 7, 2024 /EINPresswire/ -- ANY.RUN, a leader in interactive malware analysis and threat intelligence, has released a technical analysis of new techniques used in multi-stage attacks involving AsyncRAT. The report details how attackers exploit open directories to distribute AsyncRAT, examines the infection mechanisms, and offers indicators of compromise (IOCs) for identifying and mitigating this persistent threat.

About AsyncRAT Malware

Known for its ability to grant remote access to threat actors, AsyncRAT has been one of the most pervasive Remote Access Trojans (RATs) since its launch in 2019. The malware has been observed stealing victims' sensitive information and delivering other malicious programs onto compromised systems.

Key Insights from the Analysis of AsyncRAT's Attacks via Open Directories

The AsyncRAT attacks presented in the report leverage open directories exposed to the internet to initiate the infection process. The attacks involve a series of obfuscated scripts and disguised files designed to evade detection and ensure the persistence of the malware on the infected system.

· Attacks start with malicious VBS and PowerShell scripts that are disguised as text and JPG files and hosted on open directories controlled by threat actors. The scripts are then used to facilitate the infection process.

· To ensure persistence on the infected system, the attackers employ scheduled tasks that run every two minutes.

· The final stage of the attacks involves executing the main payload, which includes malicious DLL and EXE files (AsyncRAT). These files establish communication with the attacker's Command and Control (C2) server.
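The persistence behaviour in the second point can be hunted for in exported scheduled-task definitions. The following is an added example, not code from the ANY.RUN report: it flags tasks whose trigger repeats every two minutes or less, and notes whether the action is a script host. The script-host list, the function names and the sample task are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Assumption: script hosts worth flagging; the release does not name the task's command.
SCRIPT_HOSTS = ("wscript.exe", "cscript.exe", "powershell.exe", "mshta.exe")
DURATION = re.compile(r"^P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?$")

# Constructed sample, shaped like a Task Scheduler XML export; not taken from the report.
SAMPLE_TASK = """<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><TimeTrigger>
    <Repetition><Interval>PT2M</Interval></Repetition>
    <StartBoundary>2024-01-01T00:00:00</StartBoundary>
  </TimeTrigger></Triggers>
  <Actions><Exec>
    <Command>wscript.exe</Command><Arguments>EXAMPLE-PLACEHOLDER.vbs</Arguments>
  </Exec></Actions>
</Task>"""


def duration_seconds(text):
    """Convert the ISO 8601 duration subset used in task XML (e.g. PT2M) to seconds."""
    m = DURATION.match(text.strip())
    if not m:
        return None
    days, hours, minutes, seconds = (int(g) if g else 0 for g in m.groups())
    return days * 86400 + hours * 3600 + minutes * 60 + seconds


def review_task(xml_text, max_interval=120):
    """Return a finding if any trigger repeats every max_interval seconds or less."""
    root = ET.fromstring(xml_text)
    found = (duration_seconds(e.text or "") for e in root.iterfind(".//t:Repetition/t:Interval", NS))
    short = [s for s in found if s is not None and 0 < s <= max_interval]
    if not short:
        return None
    commands = [(e.text or "").strip() for e in root.iterfind(".//t:Exec/t:Command", NS)]
    hosted = any(c.lower().strip('"').endswith(SCRIPT_HOSTS) for c in commands)
    return {"interval_s": min(short), "commands": commands, "script_host": hosted}


if __name__ == "__main__":
    print(review_task(SAMPLE_TASK))
```

Task XML for review can be exported with `schtasks /query /tn <task name> /xml`; a short repetition interval alone is a triage signal, since legitimate updaters and agents also use frequent tasks.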

The report also provides security professionals with actionable IOCs to safeguard their environments against AsyncRAT. The full analysis is available on ANY.RUN's blog.

About ANY.RUN

ANY.RUN serves over 500,000 cybersecurity professionals globally, offering an interactive platform for malware analysis targeting Windows and Linux environments. With advanced threat intelligence tools such as TI Lookup, YARA Search, and Feeds, ANY.RUN enhances incident response and provides analysts with essential data to counter cyber threats effectively.

The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
