asyncrat | bc32129e02e5f9d372e31c083cc330b8fdf18764d4c8165d2a6be55ac1b7096b | Triage

Sharing

General

Target

1296-58-0x0000000000080000-0x0000000000092000-memory.dmp
Size

72KB
Sample

221004-kxq7esafdq
MD5

cfbe2463ac520243f0f6b6ebaee8a709
SHA1

a45cad463e61429dea7539ffdb6757cbc02a5072
SHA256

bc32129e02e5f9d372e31c083cc330b8fdf18764d4c8165d2a6be55ac1b7096b
SHA512

a53fedbece5db476c5a62fb292f72f5fcd193dd6d6ddea5f04744a261b28ab609d28ccf014db22e0a87b033e37a65340e6af7ab5a8ed220d329bcda345279562
SSDEEP

768:fu/6ZTgoiziWUUM9rmo2qrx9qD5ePINzjbcgX3iL0QmqnENnEOCBDZ:fu/6ZTgle2OQnN3bzXSwKMed

Score

10^/10

asyncrat drax rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

drax

C2

azazws6606.linkpc.net:6606

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  1296-58-0x0000000000080000-0x0000000000092000-memory.dmp
- Size
  
  72KB
- MD5
  
  cfbe2463ac520243f0f6b6ebaee8a709
- SHA1
  
  a45cad463e61429dea7539ffdb6757cbc02a5072
- SHA256
  
  bc32129e02e5f9d372e31c083cc330b8fdf18764d4c8165d2a6be55ac1b7096b
- SHA512
  
  a53fedbece5db476c5a62fb292f72f5fcd193dd6d6ddea5f04744a261b28ab609d28ccf014db22e0a87b033e37a65340e6af7ab5a8ed220d329bcda345279562
- SSDEEP
  
  768:fu/6ZTgoiziWUUM9rmo2qrx9qD5ePINzjbcgX3iL0QmqnENnEOCBDZ:fu/6ZTgle2OQnN3bzXSwKMed
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ratdraxasyncrat

behavioral1

behavioral2