General
Target: Stub.exe
Size: 50KB
Sample: 220705-pc6tlahabq
MD5: bd7921622b2027c69a875ef511df23b4
SHA1: 345b9b24a0c95ff0fa231be7322a675a15d15ece
SHA256: d01e1d3d771a443f0fb994b3b3583422124677d4fba4eec14ce6f387e97055c3
SHA512: ebe888853f324ee9272c5893fcfc0c4b234eb7a2fed52b91964ccc9b0ad03b259a6e64f78b3de1cc39e1ac4eeb9bae7191850725764b5491572dce9f3c107423
Static task: static1
Behavioral task: behavioral1 (Sample: Stub.exe, Resource: win7-20220414-en)
Behavioral task: behavioral2 (Sample: Stub.exe, Resource: win10v2004-20220414-en)
Malware Config
Extracted: asyncrat
| Edit 3LOSH RAT
A_(_C.D.T_)_A
AsyncMutex_6SI8OkPnk
delay: 3
install: false
install_folder: %AppData%
Targets
Target: Stub.exe
Score: 10/10
suricata: ET MALWARE Generic AsyncRAT Style SSL Cert
Async RAT payload