General

  • Target

    46356ce64664820165594ed18ec26a90.exe

  • Size

    302KB

  • Sample

    221002-w5gthahacr

  • MD5

    46356ce64664820165594ed18ec26a90

  • SHA1

    4cc931965d09e90eaffca9d3d6e9a3e76a1a4366

  • SHA256

    f06f422d7fc0f07d426965ceccf417598eadb7fcacfbe156dd37d3059669ecc0

  • SHA512

    e725dd10fc4ee0d9429decb52f7fe79b4f1dab5547f19cef1d323e2dcf836d28edf7d1bbaf4090cd1b5f2a3cabb1840dcb1a94513a5f14899e7eedffda08e7f0

Score
10/10

Malware Config

Targets

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation