General

  • Target: 04d0649b4bfa1dfeae3a8c86453397a3.exe
  • Size: 45KB
  • Sample: 210505-6zwhqg9dsx
  • MD5: 04d0649b4bfa1dfeae3a8c86453397a3
  • SHA1: f47a6585df4bbb264017cacbb11a2d0e88fcea84
  • SHA256: 26b9ff2aea0f6bb6e98627a46effb1d6f0c72908fc2fa4985a72a4d199ac0870
  • SHA512: e2c7ab0d8b80f3b2ae4369177d654011b75cd288e855724cee2dd64af45dff81e12d5a5ba72c075c6d48291f79b83a3cf120c068c90f01ddf36e5ae88901ab68

Score: 10/10

Malware Config

Extracted

  • Family: asyncrat
  • Version: 0.5.7B
  • C2: 8.tcp.ngrok.io:18318
  • Mutex: AsyncMutex_6SI8OkPnk

Attributes

  • aes_key: v4WrWlQmMr9Nbg46PqpYZ1ZQie6iSq6f
  • anti_detection: false
  • autorun: true
  • bdos: false
  • delay: Default
  • host: 8.tcp.ngrok.io
  • hwid: 3
  • install_file
  • install_folder: %AppData%
  • mutex: AsyncMutex_6SI8OkPnk
  • pastebin_config: null
  • port: 18318
  • version: 0.5.7B

aes.plain

Targets

    Score: 10/10

    • AsyncRat: AsyncRAT is designed to remotely monitor and control other computers.
    • Async RAT payload
    • Executes dropped EXE
    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic                 Technique                       Hits  ID
  Execution              Scheduled Task                  1     T1053
  Persistence            Scheduled Task                  1     T1053
  Privilege Escalation   Scheduled Task                  1     T1053
  Discovery              System Information Discovery    1     T1082
