R7dtqfb4.exe

General
Target

R7dtqfb4.exe

Size

47KB

Sample

201122-dsr9xrc8l2

Score

10/10

MD5

7a94c583a5067f31a1b45afecc5b79d1

SHA1

ce5de8936598176e03cd4df7491b5c7fd7bf655e

SHA256

1153ff7152d6470ab2893655f2cd50df6a5dc7d0169ea56e5e7f54704b136831

SHA512

0f696c5bc685167dd34619025a7888bcc0ccf5f0495d5267dbb81c89dcae2507431ff5ca392918079e91e2d458fe3435b5d6706d36cd7b8471e082de0a7d9fcb

Malware Config

Extracted

Family asyncrat
Version 0.5.7B
C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:222

127.0.0.1:1604

ipmdegismismalcry.duckdns.org:6606

ipmdegismismalcry.duckdns.org:7707

ipmdegismismalcry.duckdns.org:222

ipmdegismismalcry.duckdns.org:1604

Attributes
aes_key koPG6INjc28PNWnayu42zUPjfvt9aAF7
anti_detection true
autorun false
bdos false
delay 21.11
host 127.0.0.1,ipmdegismismalcry.duckdns.org
hwid 3
install_file
install_folder %AppData%
mutex AsyncMutex_6SI8OkPnk
pastebin_config null
port 6606,7707,222,1604
version 0.5.7B
aes.plain

MITRE ATT&CK Matrix

Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1 10/10
behavioral1 10/10
behavioral2 10/10