General

  • Target

    fvansrjesrsjeyasgns.rar

  • Size

    21KB

  • Sample

    210417-hwe6fm382s

  • MD5

    ace5d1cfa0fab705de730d8941a26ed0

  • SHA1

    580460a23915245fbfa0021faf598959d4579568

  • SHA256

    4c766d412d5c83ba93f2e34c51fa0a8e1bb366f9aba69470ad1916041386ac8d

  • SHA512

    b1b3eaa3df41de9be45f09d96d11b5220d9a8eea3157f4d65f6ee7c84ff41d8e6904e95381790bd769dd76e41f2debc98d17f2f73f6b3c8389e3e39a869f5f70

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.2

C2

45.77.101.153:6606

45.77.101.153:7707

45.77.101.153:8808

Mutex

RAT_oocslxgowqpifpzrir_mutex

Attributes
  • aes_key

    lXQuB3or3nLf1TeKzQ9Bb3R0mBS4npX1

  • anti_detection

    false

  • autorun

    false

  • bdos

    false

  • delay

    Default

  • host

    45.77.101.153

  • hwid

    3

  • install_file

  • install_folder

    %AppData%

  • mutex

    RAT_oocslxgowqpifpzrir_mutex

  • pastebin_config

    null

  • port

    6606,7707,8808

  • version

    0.2

aes.plain

Targets

    • Target

      fvansrjesrsjeyasgns.exe

    • Size

      45KB

    • MD5

      34eacbb5f987cf3711bbd2f8bbf21fea

    • SHA1

      134476f25993f9476501d15db0edf16c74166451

    • SHA256

      f658bc9b0dc3d342463f6eecae35d14d48825ac175358773c62905d6d58f5cd2

    • SHA512

      424a9652eb8eae6a197cfba3321d5068e9cec55b97dcde70dde36eb0db985f6d4c10cb5230577c5ad3ed60e801ccdd73c37e7c3f30fa273fa4f43b78310188b2

    Score
    4/10

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082
