Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    363KB

  • Sample

    221128-l5m1eaag7s

  • MD5

    8fd9d9f8b6259e5e2eb5648b7db40733

  • SHA1

    61ca93864ded26999f7a41db60a5c0737421a8c4

  • SHA256

    8d69095834bac3c4cc270b37c761cc10a1279c659dd8c77b82f86e45274a313a

  • SHA512

    81edf1ab2758b73a185430e845be95d56ed7b9375ea49adbac76dec1306a68f4795ea1d330bc80517a2303f67154f90eeb845847a055863e96927e610b33e746

  • SSDEEP

    6144:grXQlEcjUxw3NrtRI+Z98d2qqU61rZLBteQpnAYxUx9:grXQlxjvp8YqqLt3te4ABx

Score
10/10
asyncratinstallsrat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Installs

C2

185.81.157.202:5555

Mutex

E786210B-B764-434F-8BB7-DD5EBC016A57

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      file.exe

    • Size

      363KB

    • MD5

      8fd9d9f8b6259e5e2eb5648b7db40733

    • SHA1

      61ca93864ded26999f7a41db60a5c0737421a8c4

    • SHA256

      8d69095834bac3c4cc270b37c761cc10a1279c659dd8c77b82f86e45274a313a

    • SHA512

      81edf1ab2758b73a185430e845be95d56ed7b9375ea49adbac76dec1306a68f4795ea1d330bc80517a2303f67154f90eeb845847a055863e96927e610b33e746

    • SSDEEP

      6144:grXQlEcjUxw3NrtRI+Z98d2qqU61rZLBteQpnAYxUx9:grXQlxjvp8YqqLt3te4ABx

    Score
    10/10
    asyncratinstallsrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks