Overview

overview

10

Static

static

10

1344-1647-...ry.exe

windows7-x64

10

1344-1647-...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1344-1647-0x00000000035F0000-0x0000000003602000-memory.dmp

  • Size

    72KB

  • Sample

    221107-17t9tscba3

  • MD5

    741684f5d7467dd7fc386d4db87687d4

  • SHA1

    faea8171956df4d62870207dff65f0a003f90ad9

  • SHA256

    11dd7234c6a5943535887b7744013a1996f8d607fd6fcaf1467323b2fa68344f

  • SHA512

    d18344c624f4a9556542c6c3b04783a92d7eadd9725bb1d811364f9cb02e1d1a7139ac3a3e186da88eab6d1d74057fd04894b35d7c4abc2dcf19d9108668d548

  • SSDEEP

    768:vD+q7EILuCCj+Dix/f9ing8Ybigempm6m9Z/vEgK/J7ZVc6KN:7+vrxZzbF3PK/nkJ7ZVclN

Score
10/10
asyncratwindowsdefendersmarttscreenrat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

WindowsDefenderSmarttScreen

C2

217.64.31.3:9742

Mutex

WindowsDefenderSmarttScreen

Attributes
  • delay

    1

  • install

    false

  • install_file

    WindowsDefenderSmarttScreen.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      1344-1647-0x00000000035F0000-0x0000000003602000-memory.dmp

    • Size

      72KB

    • MD5

      741684f5d7467dd7fc386d4db87687d4

    • SHA1

      faea8171956df4d62870207dff65f0a003f90ad9

    • SHA256

      11dd7234c6a5943535887b7744013a1996f8d607fd6fcaf1467323b2fa68344f

    • SHA512

      d18344c624f4a9556542c6c3b04783a92d7eadd9725bb1d811364f9cb02e1d1a7139ac3a3e186da88eab6d1d74057fd04894b35d7c4abc2dcf19d9108668d548

    • SSDEEP

      768:vD+q7EILuCCj+Dix/f9ing8Ybigempm6m9Z/vEgK/J7ZVc6KN:7+vrxZzbF3PK/nkJ7ZVclN

    Score
    10/10
    asyncratwindowsdefendersmarttscreenrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks