Overview

overview

10

Static

static

10

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    24/11/2022, 04:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5d7c4fd868e99334df95874c2c97f7e4ec2899e50fc482e637f5540d63032087.exe

  • Size

    47KB

  • MD5

    bb4d6b0c6fedb67decb7e721d2e9304c

  • SHA1

    84b9f1a109e5f0e6a7c372469c60e48054e435f8

  • SHA256

    5d7c4fd868e99334df95874c2c97f7e4ec2899e50fc482e637f5540d63032087

  • SHA512

    146cbfc1c5252158b1f02faf40a52394efed540a3317aa4adfa780993396a802b80203959d93d7ea25e0491d7990f904a9d21831cfb662f13c53e1313b7a50a0

  • SSDEEP

    768:xmZztILg+kM+biPdPix79i5imVzAYblgex2cqDM57MvEgK/JLZVc6KN:0ZP0RS8xVzvbi3a7MnkJLZVclN

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

193.149.3.239:1938

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_file

    Yılanoyunu.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Async RAT payload 1 IoCs
    rat

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d7c4fd868e99334df95874c2c97f7e4ec2899e50fc482e637f5540d63032087.exe
    "C:\Users\Admin\AppData\Local\Temp\5d7c4fd868e99334df95874c2c97f7e4ec2899e50fc482e637f5540d63032087.exe"
    1⤵
      PID:4264

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/4264-120-0x0000000000B60000-0x0000000000B72000-memory.dmp

            Filesize

            72KB

            Download