asyncrat | 14396a7713bae3b83f68380ae17757266ca9ccc2d9a11c50e0b075f6c9a95d09 | Triage

Sharing

General

Target

1968-62-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
Sample

220926-25acbacbc7
MD5

5bc3dbf7b7bb77e42b21842db1b24536
SHA1

5f65ca8ca038c86ac6159c93f184717864c55396
SHA256

14396a7713bae3b83f68380ae17757266ca9ccc2d9a11c50e0b075f6c9a95d09
SHA512

8ec495b4e61e5358401dd6926b22b072f157025e658baef3f4dc843a4f6fa281790630a3bc00419643c886288b231bcf3de71e582b45c5fb3273dc5cf093b42a
SSDEEP

768:dVbfPq7iV6eXfwtFpycDi+tCRjq5zshQqHEoQ7UZBb9gJLfrLqpw89G+kU:dVDPqGV6jygCjq5z3abqJbq+yG+kU

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

20.171.107.243:6606

20.171.107.243:7707

20.171.107.243:8808

rositxado.tk:6606

rositxado.tk:7707

rositxado.tk:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  1968-62-0x0000000000400000-0x0000000000412000-memory.dmp
- Size
  
  72KB
- MD5
  
  5bc3dbf7b7bb77e42b21842db1b24536
- SHA1
  
  5f65ca8ca038c86ac6159c93f184717864c55396
- SHA256
  
  14396a7713bae3b83f68380ae17757266ca9ccc2d9a11c50e0b075f6c9a95d09
- SHA512
  
  8ec495b4e61e5358401dd6926b22b072f157025e658baef3f4dc843a4f6fa281790630a3bc00419643c886288b231bcf3de71e582b45c5fb3273dc5cf093b42a
- SSDEEP
  
  768:dVbfPq7iV6eXfwtFpycDi+tCRjq5zshQqHEoQ7UZBb9gJLfrLqpw89G+kU:dVDPqGV6jygCjq5z3abqJbq+yG+kU
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ratdefaultasyncrat

behavioral1

behavioral2