Tool: AsyncRAT

Description

[AsyncRAT](https://attack.mitre.org/software/S1087) is an open-source remote access tool originally available through the NYANxCAT Github repository that has been used in malicious campaigns.(Citation: Morphisec Snip3 May 2021)(Citation: Cisco Operation Layover September 2021)(Citation: Telefonica Snip3 December 2021)

External References

• mitre-attack
• Telefonica Snip3 December 2021
• Morphisec Snip3 May 2021
• Cisco Operation Layover September 2021

Techniques Used by This Tool

• T1033 — System Owner/User Discovery
• T1053.005 — Scheduled Task
• T1056.001 — Keylogging
• T1057 — Process Discovery
• T1082 — System Information Discovery
• T1105 — Ingress Tool Transfer
• T1106 — Native API
• T1113 — Screen Capture
• T1125 — Video Capture
• T1497.001 — System Checks
• T1564.003 — Hidden Window
• T1568 — Dynamic Resolution
• T1622 — Debugger Evasion

APT Groups Using This Tool

• TA2541