General

  • Target

    b0b110907b803c315662fafcf1893595

  • Size

    525KB

  • Sample

    210716-zlbl3j5b8a

  • MD5

    b0b110907b803c315662fafcf1893595

  • SHA1

    f3afc612ea9b2aeecacb4b4e1792b6b1800ef870

  • SHA256

    2f26650c608fd0f9a206313627fc9274e5149f3a91000a4efd22edad7e66a380

  • SHA512

    e3beb668ce9745064a6f74df99ef45bfab1cb4f908a9628174e506d725a00ca9c4c2c875cd6e2b4659bcfe596adf05715e4842286cada05ab7f20396b181ba19

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

C2

icando.ug:6970

icacxndo.ac.ug:6970

Mutex

6SI8OkPnkxzcasd

Attributes
  • aes_key

    rkDO6u9Rg2tQZ5crWRxI7ttwjOqPWDog

  • anti_detection

    false

  • autorun

    false

  • bdos

    false

  • delay

    XX

  • host

    icando.ug,icacxndo.ac.ug

  • hwid

    3

  • install_file

  • install_folder

    %AppData%

  • mutex

    6SI8OkPnkxzcasd

  • pastebin_config

    null

  • port

    6970

  • version

    0.5.7B

aes.plain

Targets

    • Target

      b0b110907b803c315662fafcf1893595

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

  Tactic                Technique                       Count  ID
  Execution             Scheduled Task                  1      T1053
  Persistence           Scheduled Task                  1      T1053
  Privilege Escalation  Scheduled Task                  1      T1053
  Discovery             System Information Discovery    1      T1082

Tasks