Overview

overview

10

Static

static

po.exe

windows7_x64

10

po.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    po.exe

  • Size

    467KB

  • Sample

    201224-ytwbzb9mdx

  • MD5

    1e554ab27fbe8ee5bddd54a0ef18678f

  • SHA1

    3041358e2afd962ca94529deca872d2fa15ecc5f

  • SHA256

    951e7a36c44a10657f8fa4b01584953196dbff0531825f108e38d94245c8b2d5

  • SHA512

    8c208b431613619a433c731f0a405e6696adbbdb09d3667757027b2cad922e0a5225be3a8801d044fbb2a91a34d9c0543c1925637053c3352f4ed6212fac62aa

Score
10/10
asyncratrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

inmosas.linkpc.net:3470

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • aes_key

    TptobGDWq1lq548yc7k7YkcxR22FzIil

  • anti_detection

    false

  • autorun

    true

  • bdos

    false

  • delay

    Default

  • host

    inmosas.linkpc.net

  • hwid

    3

  • install_file

  • install_folder

    %AppData%

  • mutex

    AsyncMutex_6SI8OkPnk

  • pastebin_config

    null

  • port

    3470

  • version

    0.5.7B

aes.plain

Targets

    • Target

      po.exe

    • Size

      467KB

    • MD5

      1e554ab27fbe8ee5bddd54a0ef18678f

    • SHA1

      3041358e2afd962ca94529deca872d2fa15ecc5f

    • SHA256

      951e7a36c44a10657f8fa4b01584953196dbff0531825f108e38d94245c8b2d5

    • SHA512

      8c208b431613619a433c731f0a405e6696adbbdb09d3667757027b2cad922e0a5225be3a8801d044fbb2a91a34d9c0543c1925637053c3352f4ed6212fac62aa

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks