Distribution of AsyncRAT Disguised as Ebook

July 10, 2024, 9:29 a.m.

Description

This analysis covers the distribution of AsyncRAT malware disguised as an ebook. The compressed file contains a malicious LNK and PowerShell scripts that ultimately execute AsyncRAT. The malware employs various techniques, such as obfuscation, task scheduling, and anti-VM and anti-AV capabilities, to maintain persistence and exfiltrate user information while receiving commands from the threat actor. Particular caution is advised due to the potential for widespread distribution via phishing emails and file-sharing websites.

Date

Published Created Modified
July 10, 2024, 9:22 a.m. July 10, 2024, 9:22 a.m. July 10, 2024, 9:29 a.m.

Indicators

Attack Patterns