General
-
Target
0x00060000000149b7-59.dat
-
Size
45KB
-
MD5
e5202a81e3434a6366183d801bb0e74d
-
SHA1
0e3533153358095ab159ca93cddb51820283e285
-
SHA256
ee8653fa6bffe88ca340b608cd12c462bd93ef93f60aac80e1c74809486e8af0
-
SHA512
b0f9c64876192f7d1044ed9165327954c3b747a50a22c455a838294e8d36762e8a3a4a56cc9c4381cd24cb929cd4f84d106beb663ba927e9436321159ee510cb
-
SSDEEP
768:HuSgNT3ol7xWUpe+7mo2qLHUPIt2OFPIrzjbhgX3iZqd9OFsZyNLQmBDZjx:HuSgNT3K52wH2OCr3bOXSwnOiZ09djx
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
0.5.7B
Botnet
Default
C2
egodds.longmusic.com:6606
egodds.longmusic.com:7707
egodds.longmusic.com:8808
Mutex
AsyncMutex_6SI8OkPnk
Attributes
-
delay
3
-
install
true
-
install_file
oyy.exe
-
install_folder
%AppData%
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
Files
-
0x00060000000149b7-59.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections