General

  • Target

    12542b5731864f4a2029775f44c5f681.exe

  • Size

    47KB

  • Sample

    211125-vf983sfhbq

  • MD5

    12542b5731864f4a2029775f44c5f681

  • SHA1

    e32cf510649cad5cd85714575904f6abb14773aa

  • SHA256

    e345b4bad10718422ffa6ac074d5e3d3533cd2e738efaa60622fb5f8d7ca5893

  • SHA512

    646f5d99b584b7cbae45389cba316faeae05640e590e7685a8aad23cad28ff452f9f7f1c86ae30a19c2fc3e758d79041cef261e5b199878b94582d4fc610f39c

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

null:null

Mutex

DcRatMutex_qwqdanchun

Attributes
  • anti_vm

    false

  • bsod

    false

  • delay

    1

  • install

    false

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/UyR8zcMY

aes.plain

Targets

    • Target

      12542b5731864f4a2029775f44c5f681.exe

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix ATT&CK v6

Command and Control

Web Service

1
T1102

Tasks