Overview

overview

10

Static

static

FedEx Invo...35.exe

windows7_x64

10

FedEx Invo...35.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FedEx Invoice 202116435.exe

  • Size

    766KB

  • Sample

    210116-9jv49cg7fj

  • MD5

    fd3988d887f5e982384dca104ea49001

  • SHA1

    d3ad5fa2af44707e5e27b76fdbebf5a9ae28b457

  • SHA256

    aa0399675c53f77a7996102b5301ea24814642e9eee30648c9ac75b3b1052235

  • SHA512

    868c4795ae2fea9aaa98ad069c97564bc051ee73e728bdd61ba7f250b8b9d9b41013b4446a61a364c71f6f4105f25790938a1cbeaba64850159f69ad4836811c

Score
10/10
asyncratrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

79.134.225.45:2233

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • aes_key

    yCFT3D6MMz3qsbxnPTBTTSsUCB2B6gqZ

  • anti_detection

    false

  • autorun

    false

  • bdos

    false

  • delay

    Default

  • host

    79.134.225.45

  • hwid

    5

  • install_file

  • install_folder

    %AppData%

  • mutex

    AsyncMutex_6SI8OkPnk

  • pastebin_config

    null

  • port

    2233

  • version

    0.5.7B

aes.plain

Targets

    • Target

      FedEx Invoice 202116435.exe

    • Size

      766KB

    • MD5

      fd3988d887f5e982384dca104ea49001

    • SHA1

      d3ad5fa2af44707e5e27b76fdbebf5a9ae28b457

    • SHA256

      aa0399675c53f77a7996102b5301ea24814642e9eee30648c9ac75b3b1052235

    • SHA512

      868c4795ae2fea9aaa98ad069c97564bc051ee73e728bdd61ba7f250b8b9d9b41013b4446a61a364c71f6f4105f25790938a1cbeaba64850159f69ad4836811c

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks