VERY IMPORTANT

This analysis explores two distinct methods used to infect systems with AsyncRAT through open directories. The first technique involves a multi-stage process using various obfuscated scripts (VBS, BAT, PowerShell) and disguised files to download and execute the AsyncRAT payload. The second method employs a simpler two-stage approach, utilizing a VBS script and a disguised PowerShell script to create files and set up a scheduled task for persistent infection. Both techniques demonstrate the adaptability of attackers in using publicly accessible files to spread AsyncRAT, a Remote Access Trojan designed for system infiltration and remote control.