Overview

overview

10

Static

static

4270337062...56.exe

windows7_x64

10

4270337062...56.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4270337062dd7bc8bf4ccbe505a15256.exe

  • Size

    254KB

  • Sample

    210603-vjeldgznsa

  • MD5

    4270337062dd7bc8bf4ccbe505a15256

  • SHA1

    8b48ddb8b17e21b3b9085ea3eda17055fc7cd222

  • SHA256

    db1e6b77da2691daf1be1eed70dc625e5e4749cfdd1833f194fedc63340b41d9

  • SHA512

    06d72a838e88eeb8fc6807e7127c2b2a92cdae3476dc523671b140c23b1b0708033acb0f9ddb5b15632b240fb8e33fa4dfef5f8634e033d5c42b955828fa1e5c

Score
10/10
asyncratpersistencerat

Malware Config

Targets

    • Target

      4270337062dd7bc8bf4ccbe505a15256.exe

    • Size

      254KB

    • MD5

      4270337062dd7bc8bf4ccbe505a15256

    • SHA1

      8b48ddb8b17e21b3b9085ea3eda17055fc7cd222

    • SHA256

      db1e6b77da2691daf1be1eed70dc625e5e4749cfdd1833f194fedc63340b41d9

    • SHA512

      06d72a838e88eeb8fc6807e7127c2b2a92cdae3476dc523671b140c23b1b0708033acb0f9ddb5b15632b240fb8e33fa4dfef5f8634e033d5c42b955828fa1e5c

    Score
    10/10
    asyncratpersistencerat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks