General

  • Target

    ace7c01a3c368fe5377a730473459bf6.exe

  • Size

    45KB

  • Sample

    210508-dj62rn1e12

  • MD5

    ace7c01a3c368fe5377a730473459bf6

  • SHA1

    eedabf9db6b27737c27b90f3b1f23b2e0414e391

  • SHA256

    aab31adf2a159b146b4350f6da6ffac698206e596b18c43dad16a4891c2eedb9

  • SHA512

    f9c8b327209da040eb7f42cbcfd1baf10cdf8dbf46e7e34905d1637fa3ff31b5513614b9d495c4e732222f6255c03a38fdfac5c5e385bbadb8dfdc6ebb58a376

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

178.20.230.68:1604

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • aes_key

    iysK7KwUC3OXGMRut9WTAb3l3po3KzVm

  • anti_detection

    false

  • autorun

    false

  • bdos

    false

  • delay

    Default

  • host

    178.20.230.68

  • hwid

    3

  • install_file

  • install_folder

    %AppData%

  • mutex

    AsyncMutex_6SI8OkPnk

  • pastebin_config

    null

  • port

    1604

  • version

    0.5.7B

aes.plain

Targets

    • Target

      ace7c01a3c368fe5377a730473459bf6.exe

    • Size

      45KB

    • MD5

      ace7c01a3c368fe5377a730473459bf6

    • SHA1

      eedabf9db6b27737c27b90f3b1f23b2e0414e391

    • SHA256

      aab31adf2a159b146b4350f6da6ffac698206e596b18c43dad16a4891c2eedb9

    • SHA512

      f9c8b327209da040eb7f42cbcfd1baf10cdf8dbf46e7e34905d1637fa3ff31b5513614b9d495c4e732222f6255c03a38fdfac5c5e385bbadb8dfdc6ebb58a376

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Collection

Data from Local System

1
T1005

Tasks