Overview

overview

10

Static

static

WT2lH6ZAAx8eKUZ.exe

windows7_x64

10

WT2lH6ZAAx8eKUZ.exe

windows10-2004_x64

1

Resubmissions

21-01-2022 05:27

220121-f5q46sdhc7 10

21-01-2022 03:41

220121-d8r5jadbhn 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WT2lH6ZAAx8eKUZ.exe

  • Size

    1.1MB

  • Sample

    220121-d8r5jadbhn

  • MD5

    e53db947fce99439608c9a9553f69498

  • SHA1

    95375e0e9ccf538d02b37ece3f6f9abc069d28b2

  • SHA256

    17cb794e094d6cf35a700c399316360eb20eb235be61377ffd6dd0022ac3bb5f

  • SHA512

    2f49647eabd7b743c265ebcd3f5c1e4ac4d315594558b3ca4214db8f0aa22ac57062ac9930e01b2ce4836db54e65bcc77f0d6e9106f64b14239b600e84fc315a

Score
10/10
asyncratrat

Malware Config

Targets

    • Target

      WT2lH6ZAAx8eKUZ.exe

    • Size

      1.1MB

    • MD5

      e53db947fce99439608c9a9553f69498

    • SHA1

      95375e0e9ccf538d02b37ece3f6f9abc069d28b2

    • SHA256

      17cb794e094d6cf35a700c399316360eb20eb235be61377ffd6dd0022ac3bb5f

    • SHA512

      2f49647eabd7b743c265ebcd3f5c1e4ac4d315594558b3ca4214db8f0aa22ac57062ac9930e01b2ce4836db54e65bcc77f0d6e9106f64b14239b600e84fc315a

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks