Overview

overview

10

Static

static

download.dat.exe

windows7_x64

10

download.dat.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    download.dat.exe

  • Size

    62KB

  • Sample

    211020-tbee6sabfk

  • MD5

    f400501648b23a2b8d4ebee2397aefd3

  • SHA1

    91aed0ebaacab2f4c1cadda6f716be34b5dbecb9

  • SHA256

    900562963720c7166432d768ff224b76b12a39b76ffe97b7c1dc33df2fa43e9e

  • SHA512

    78311b315859ff5d210f741b59ce2efcea56fdcd9a3d083278d21231813c598bd56919d20c7e4fd3114ba2166975819fdd55803a538d07a0d01d00b71cf65d90

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

ntlplaast11.duckdns.org:6606

ntlplaast11.duckdns.org:7707

ntlplaast11.duckdns.org:8808
Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • anti_vm

    false

  • bsod

    false

  • delay

    3

  • install

    false

  • install_folder

    %AppData%

  • pastebin_config

    null

aes.plain

Targets

    • Target

      download.dat.exe

    • Size

      62KB

    • MD5

      f400501648b23a2b8d4ebee2397aefd3

    • SHA1

      91aed0ebaacab2f4c1cadda6f716be34b5dbecb9

    • SHA256

      900562963720c7166432d768ff224b76b12a39b76ffe97b7c1dc33df2fa43e9e

    • SHA512

      78311b315859ff5d210f741b59ce2efcea56fdcd9a3d083278d21231813c598bd56919d20c7e4fd3114ba2166975819fdd55803a538d07a0d01d00b71cf65d90

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks