Overview

overview

10

Static

static

10

6ba563174b...80.exe

windows7_x64

10

6ba563174b...80.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ba563174ba2887b5a2557c19c99be673cbe91010620670e1d7d26c71a012980

  • Size

    48KB

  • Sample

    220201-gkkmbsaca8

  • MD5

    b419d03103d2ded97801b9ca85709e48

  • SHA1

    5de1b7939a7c6e2478a3e312cdab21649e5cd85f

  • SHA256

    6ba563174ba2887b5a2557c19c99be673cbe91010620670e1d7d26c71a012980

  • SHA512

    f620ca62c2eed661eb9b90f97f8dcbd20fb0e46d1a40740bcac67dbc618500a4e7ffe8b2c0422fec0c3b4a413ec24929f716da654e04a06bc2f9a8b37f79481a

Score
10/10
asyncratpersistencerat

Malware Config

Targets

    • Target

      6ba563174ba2887b5a2557c19c99be673cbe91010620670e1d7d26c71a012980

    • Size

      48KB

    • MD5

      b419d03103d2ded97801b9ca85709e48

    • SHA1

      5de1b7939a7c6e2478a3e312cdab21649e5cd85f

    • SHA256

      6ba563174ba2887b5a2557c19c99be673cbe91010620670e1d7d26c71a012980

    • SHA512

      f620ca62c2eed661eb9b90f97f8dcbd20fb0e46d1a40740bcac67dbc618500a4e7ffe8b2c0422fec0c3b4a413ec24929f716da654e04a06bc2f9a8b37f79481a

    Score
    10/10
    asyncratratpersistence

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Sets service image path in registry

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks