General

  • Target

    0x0009000000012733-58.dat

  • Size

    45KB

  • Sample

    220705-ftzbeagbf4

  • MD5

    9b5017883cd13ea9546decba1ff62528

  • SHA1

    0cbb038e3d0e6865fd5ad1d43f5ea710866c9c47

  • SHA256

    611bba464c801c306077e085a40bf91f904ddd1fd503499115d322084c1c4772

  • SHA512

    017efa06cc5b5f8d1bbc103fc649d90eccb0ba982dc80324a4aaa63e6eecf207ac990a8672bd6fff463827b3e04d002941978d34f5b3c79482f4be9f484c51fe

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

104.168.33.32:6606

37.120.212.235:6606

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      0x0009000000012733-58.dat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • suricata: ET MALWARE Generic AsyncRAT Style SSL Cert

    • suricata: ET MALWARE Observed Malicious SSL Cert (AsyncRAT Server)

    • Async RAT payload
