General
-
Target
stage6.bin.exe
-
Size
66KB
-
MD5
f29318a6544eced0304ff4feacfe270f
-
SHA1
7ab71653fbcf25184c7408194d3b9aed1242f266
-
SHA256
169f5dbcd664c0b4fd65233e553ff605b30e974b6b16c90a1fb03404f1b01980
-
SHA512
1c7a6c0c994bf8ff2f2c3262b8c4f88804aba6e55a8d5430d02a7e26577ebfcf2fed7c3ac0008f93c40c28e9828590a8325481551dfeba2cd797c42a9ea088f2
-
SSDEEP
1536:MfPVvuB3BPTrF+HcxbFyYDvmFhep3Mf+:Mfts3BPT5+8xbF/v4m
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
v0.2
Botnet
jan29
C2
windowsupdatecdn.cn:456
gjghvga7ffgb.xyz:456
huugbbvuay4.cn:456
Mutex
afgj6j3umd5uk
Attributes
-
delay
3
-
install
false
-
install_folder
%AppData%
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
Files
-
stage6.bin.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections