AsyncRAT Distributed via WSF Script [Wednesday, December 6, 2023]

AsyncRAT Distributed via WSF Script [Wednesday, December 6, 2023]
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/ATTACK-REPORT-LOGO-2.png
Report

AsyncRAT Distributed via WSF Script

Description :
AsyncRAT malware is being distributed via a file-less attack.

Published Created Modified
2023-12-06 14:45:27 2023-12-06 14:45:27 2023-12-06 15:09:12

Tags

Indicators

IPv4s :
  • 185.81.157.242
URLs :
  • http://drippmedsot.mywire.org:7707
  • http://za.com/Order_ed333c91f0fd.zip
  • http://drippmedsot.mywire.org:6606
  • http://drippmedsot.mywire.org:8808
Domains :
  • drippmedsot.mywire.org
Hashes :
  • a0064bdcf92b7c1a55a8e88fd4ecb38d27c4d602f7bf5feb18c2304d775d7387
  • 621cd690c8225dc2471fa2d94f6b568d4212baddc1a05a96a0edc9a1bbe6f29c
  • 70029e8693a7a5608b442b1944a3f6c11fe2ff1949f26e3f6178472b87837d75
MITRE ATT&CK Techniques :

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.