asyncrat | 1c133518d4ae7ae5611e6b8d638df658d0b366d559098863dfd1fdb7118e6b4b | Triage

Sharing

General

Target

1736-115-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
Sample

220630-pn834adae9
MD5

d6ce4f1e44c724ab4bdd27e347de475e
SHA1

16df478c9a69fdff846c4d19ec69e33dc3f80809
SHA256

1c133518d4ae7ae5611e6b8d638df658d0b366d559098863dfd1fdb7118e6b4b
SHA512

d1394831b8fbf678ca7cd0cb615dea542248ae14e99196dd3517955a618bfd3391255d1cfbce6a2c0e0fa858b0f07546b02cd2b31f96ff0685f6cfab7552bc83

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

127.0.0.1:1111

62.197.136.167:6606

62.197.136.167:7707

62.197.136.167:8808

62.197.136.167:1111

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  1736-115-0x0000000000400000-0x0000000000412000-memory.dmp
- Size
  
  72KB
- MD5
  
  d6ce4f1e44c724ab4bdd27e347de475e
- SHA1
  
  16df478c9a69fdff846c4d19ec69e33dc3f80809
- SHA256
  
  1c133518d4ae7ae5611e6b8d638df658d0b366d559098863dfd1fdb7118e6b4b
- SHA512
  
  d1394831b8fbf678ca7cd0cb615dea542248ae14e99196dd3517955a618bfd3391255d1cfbce6a2c0e0fa858b0f07546b02cd2b31f96ff0685f6cfab7552bc83
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ratdefaultasyncrat

behavioral1

behavioral2