Overview

overview

10

Static

static

0e39c13df6...7d.exe

windows7-x64

10

0e39c13df6...7d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0e39c13df6e665fe636925b916dfb37d.exe

  • Size

    49KB

  • Sample

    220919-2fcq5sfbhq

  • MD5

    0e39c13df6e665fe636925b916dfb37d

  • SHA1

    c035e4b63cf44274c25de6d39142a950f73cab47

  • SHA256

    be57c6215f5b0a2080824681ffec6de9c9ce83a7fa5f530b314f770c62a035c3

  • SHA512

    3029af203e63630f682df794248ef2270c3d5f872971975631fe0c1300f2d4776ec25ec13ab5fe9d6ac74335db5d82b027136e0411bf743452d13e0cdac2af02

  • SSDEEP

    768:MUSkp8Mbbx4h6+ACLcPpS2APqlfzQPIS7bEjrVlPelKg/eXl4QNBDZHx:MULmeXCLcPE2ASReYjrDceV4QDdHx

Score
10/10
asyncratrat

Malware Config

Targets

    • Target

      0e39c13df6e665fe636925b916dfb37d.exe

    • Size

      49KB

    • MD5

      0e39c13df6e665fe636925b916dfb37d

    • SHA1

      c035e4b63cf44274c25de6d39142a950f73cab47

    • SHA256

      be57c6215f5b0a2080824681ffec6de9c9ce83a7fa5f530b314f770c62a035c3

    • SHA512

      3029af203e63630f682df794248ef2270c3d5f872971975631fe0c1300f2d4776ec25ec13ab5fe9d6ac74335db5d82b027136e0411bf743452d13e0cdac2af02

    • SSDEEP

      768:MUSkp8Mbbx4h6+ACLcPpS2APqlfzQPIS7bEjrVlPelKg/eXl4QNBDZHx:MULmeXCLcPE2ASReYjrDceV4QDdHx

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks