Overview

overview

10

Static

static

16f110b124...64.exe

windows7_x64

10

16f110b124...64.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16f110b124d0b30fbffeac0a1b3e0f64.exe

  • Size

    347KB

  • Sample

    211207-p5ssfacbe2

  • MD5

    16f110b124d0b30fbffeac0a1b3e0f64

  • SHA1

    b3fce7935a3411d1c4a89dab3e1b1d9c6f3422ec

  • SHA256

    ea5f4670002af8c3383f591d38b2ed912d1d2e144df8bf59d849e5c77e9c7de8

  • SHA512

    89e62d516b678963fcea3cfe1bbcc9559ce1f4d908925932a461c07f5c9cb3a46e6ff988889e77a64b2b53a39dc039fbea796bc6738e534939662de414e844a9

Score
10/10
asyncratrat

Malware Config

Targets

    • Target

      16f110b124d0b30fbffeac0a1b3e0f64.exe

    • Size

      347KB

    • MD5

      16f110b124d0b30fbffeac0a1b3e0f64

    • SHA1

      b3fce7935a3411d1c4a89dab3e1b1d9c6f3422ec

    • SHA256

      ea5f4670002af8c3383f591d38b2ed912d1d2e144df8bf59d849e5c77e9c7de8

    • SHA512

      89e62d516b678963fcea3cfe1bbcc9559ce1f4d908925932a461c07f5c9cb3a46e6ff988889e77a64b2b53a39dc039fbea796bc6738e534939662de414e844a9

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks