{"id":9695,"date":"2024-11-07T09:30:58","date_gmt":"2024-11-07T09:30:58","guid":{"rendered":"\/cybersecurity-blog\/?p=9695"},"modified":"2024-11-07T19:26:42","modified_gmt":"2024-11-07T19:26:42","slug":"asyncrat-open-directories-infection-analysis","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/asyncrat-open-directories-infection-analysis\/","title":{"rendered":"AsyncRAT’s Infection Tactics
via Open Directories: Technical Analysis\u00a0"},"content":{"rendered":"\n

Editor\u2019s note: The current article is authored by RacWatchin8872, who is a threat intelligence analyst. You can find him on <\/em>X<\/em><\/a>.<\/em>\u00a0<\/p>\n\n\n\n

This article covers two distinct methods used to infect systems with AsyncRAT via open directories. These techniques show how attackers are constantly adapting, finding new ways to use publicly accessible files to broaden AsyncRAT’s impact and reach. <\/p>\n\n\n\n

Overview <\/h2>\n\n\n\n

AsyncRAT<\/a> is a type of Remote Access Trojan<\/a> (RAT) malware designed to stealthily infiltrate systems and give attackers remote control over infected devices. It is commonly used for spying, data theft, and manipulation of compromised systems.  <\/p>\n\n\n\n

Recently, two open directories surfaced, each employing unique methods to distribute and infect victims with AsyncRAT. These techniques highlight the persistent threat posed by this malware and its diverse infection strategies. <\/p>\n\n\n\n

First Technique <\/h2>\n\n\n\n

Open Directory <\/h3>\n\n\n\n

While investigating malicious open directories exposed to the internet, I discovered one with an unusual structure.  <\/p>\n\n\n\n

The directory contained the following files: <\/p>\n\n\n\n