General

  • Target

    SecuriteInfo.com.Trojan.Inject4.9779.49.9585

  • Size

    1.5MB

  • Sample

    210401-fnr3htp4fs

  • MD5

    73e662d533f7469a086abb6ec7de6c94

  • SHA1

    86d13d647c3f810adccb2d4633ecbe7aee5be66a

  • SHA256

    0734e8907cb7ff021d602a5046fd6b2b3790ef37113eb2faf3c6e23425e4755c

  • SHA512

    37bd9d553945f77789d6005962b07891f3b4328207f8cc311be200595043f0a1f0f9b295e4dadb7ecadce2eabf15bfbc940ca0145ead9f65eb14a589eb7e8960

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

haberci.ddns.net:55501

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • aes_key

    7qeeypCsaUzRqpps4mCoM0L2H5Rezedz

  • anti_detection

    false

  • autorun

    true

  • bdos

    true

  • delay

    clientx

  • host

    haberci.ddns.net

  • hwid

    5

  • install_file

  • install_folder

    %AppData%

  • mutex

    AsyncMutex_6SI8OkPnk

  • pastebin_config

    null

  • port

    55501

  • version

    0.5.7B

aes.plain

Targets

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

  • Execution

    Scheduled Task: T1053 (1)

  • Persistence

    Scheduled Task: T1053 (1)

  • Privilege Escalation

    Scheduled Task: T1053 (1)

  • Discovery

    System Information Discovery: T1082 (1)

Tasks