Overview

overview

10

Static

static

10

338046b4bd...50.exe

windows7_x64

10

338046b4bd...50.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    338046b4bd5337aa3d6ccea6b45c7950.exe

  • Size

    98KB

  • Sample

    210101-69tff3667n

  • MD5

    338046b4bd5337aa3d6ccea6b45c7950

  • SHA1

    2a85497a77928068a064674237610b6a9bb7aed9

  • SHA256

    3bc701b864cc3fffdb154ed410de8f893cc31b577e7df78347742a8ab15ce9ef

  • SHA512

    7d3781710087ea81b4256a6ad3fa04bc9e072282be1229b5f62165cc3c30b96746c8f89934f8057840323885dd19d01804df1756ad4466272ed21a5a76879e94

Score
10/10
asyncratrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

null:null

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • aes_key

    MbJHwqGReQMnsZXxOd2433A3UKiKEwZV

  • anti_detection

    false

  • autorun

    true

  • bdos

    false

  • delay

    GrieferGames

  • host

    null

  • hwid

    3

  • install_file

  • install_folder

    %AppData%

  • mutex

    AsyncMutex_6SI8OkPnk

  • pastebin_config

    https://pastebin.com/raw/bC60Y12E

  • port

    null

  • version

    0.5.7B

aes.plain

Targets

    • Target

      338046b4bd5337aa3d6ccea6b45c7950.exe

    • Size

      98KB

    • MD5

      338046b4bd5337aa3d6ccea6b45c7950

    • SHA1

      2a85497a77928068a064674237610b6a9bb7aed9

    • SHA256

      3bc701b864cc3fffdb154ed410de8f893cc31b577e7df78347742a8ab15ce9ef

    • SHA512

      7d3781710087ea81b4256a6ad3fa04bc9e072282be1229b5f62165cc3c30b96746c8f89934f8057840323885dd19d01804df1756ad4466272ed21a5a76879e94

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks