General

  • Target

    penis.exe

  • Size

    63KB

  • Sample

    220125-n1tcqsfdam

  • MD5

    8c64f3ff9822a96dedce0f5092524482

  • SHA1

    c0c0e733c5c057af538a861e1e87b0b77355667d

  • SHA256

    8e816710624f15fee0d69bfff4a809e9a038fd58350e60bc0b798cd0dddb652f

  • SHA512

    835d50a02d45b487c8b7757ac17e361f877df5e3037891c924321035862e0249e91e4dd495403338553e78f3f6f79bee13c73c8dd764c51c966a2dcbb5075f42

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

nibba

C2

0x0x0pp.duckdns.org:4444

Mutex

adswMutex_qwqdanchun

Attributes
  • anti_vm

    false

  • bsod

    false

  • delay

    1

  • install

    false

  • install_file

    svcs.exe

  • install_folder

    %AppData%

  • pastebin_config

    null

aes.plain

Targets

    • Target

      penis.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Async RAT payload
