Overview

overview

10

Static

static

IMG 01-06-...83.exe

windows7_x64

10

IMG 01-06-...83.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    IMG 01-06-2021 93899283.exe

  • Size

    219KB

  • Sample

    210106-k97eyejcje

  • MD5

    dd319982f0f20d472f466d7e3598d18b

  • SHA1

    de92836d855354abcf1a1c88093d6c3cbf009545

  • SHA256

    fcfda22e8938ce7846eb3494af9778f601b676df3446a0b5b1a710c08d632010

  • SHA512

    6d55f84ed9ac2c01f8bb47fababbd6a99297776633531049793a4970f57dff2cfa3ce54a536facd64163ebda48f50b9a620b0046a596c818dc434caef36c921c

Score
10/10
asyncratrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6A

C2

194.5.97.177:10011

Mutex

zsmnadpzmacboobggxc

Attributes
  • aes_key

    oY4R2ZxJTae5ZkR4Z3caW1vvsIe5MAmF

  • anti_detection

    false

  • autorun

    false

  • bdos

    false

  • delay

  • host

    194.5.97.177

  • hwid

    5

  • install_file

  • install_folder

    %AppData%

  • mutex

    zsmnadpzmacboobggxc

  • pastebin_config

    null

  • port

    10011

  • version

    0.5.6A

aes.plain

Targets

    • Target

      IMG 01-06-2021 93899283.exe

    • Size

      219KB

    • MD5

      dd319982f0f20d472f466d7e3598d18b

    • SHA1

      de92836d855354abcf1a1c88093d6c3cbf009545

    • SHA256

      fcfda22e8938ce7846eb3494af9778f601b676df3446a0b5b1a710c08d632010

    • SHA512

      6d55f84ed9ac2c01f8bb47fababbd6a99297776633531049793a4970f57dff2cfa3ce54a536facd64163ebda48f50b9a620b0046a596c818dc434caef36c921c

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks