Summary
During 2019-2021 I was focused on analyzing campaigns orchestrated by the APT-C-36 group and RATs used by this same group and other cybercriminal groups such as RemcosRAT, AsyncRAT, Imminent Monitor RAT, etc. In the last few months I have seen some modifications of TTPs in many of these families that have caught my attention and I wanted to analyze them to see what is new.
Therefore, during this entry we will go through the analysis of a sample of AsyncRAT distributed in Colombia during the last month.
info
The objective of the analysis is to provide information on the execution of the binary, genealogy and other stuff, not to go into the details of the static part.