General

  • Target

    d3a6b158e1e9696487764681659b132e.exe

  • Size

    45KB

  • Sample

    210112-m46vf8qgre

  • MD5

    d3a6b158e1e9696487764681659b132e

  • SHA1

    5e55263eda3d62389ca0f8e08a75a65e1afd7e40

  • SHA256

    ce0530832a781bd0ca193f10973c554c051cbebd189339c2ff31b60638914a89

  • SHA512

    ecb4e7320979490e219a71812c640af8c2f9ac9303b7c16993961c4f89c23c49f3620cd0940f36cc69371df0386582f6ac7204d07d14cae6e0271956416c234f

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

103.147.184.53:1991

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • aes_key

    jAIQjLUDDlRsSW2EWQFUO3GpJGouneMb

  • anti_detection

    false

  • autorun

    true

  • bdos

    false

  • delay

    Default

  • host

    103.147.184.53

  • hwid

    3

  • install_file

  • install_folder

    %AppData%

  • mutex

    AsyncMutex_6SI8OkPnk

  • pastebin_config

    null

  • port

    1991

  • version

    0.5.7B

aes.plain

Targets

    • Target

      d3a6b158e1e9696487764681659b132e.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Tasks