General

  • Target

    5b0a3e7a54417c206be93da0f4f4be8aa344b1895292418946cea2bc85239d10

  • Size

    314KB

  • Sample

    221128-phjk9ace55

  • MD5

    40e86557eb45df7f8e31baa06eca5f19

  • SHA1

    4457337a509171d1a8ee9c6a84aad362dc6b4134

  • SHA256

    5b0a3e7a54417c206be93da0f4f4be8aa344b1895292418946cea2bc85239d10

  • SHA512

    12efb81a4825b27b424cf284cfe364d8e168179ae75429333354146c1bb33c2c59e004b04680e3bda8fc6cabe1a2b70c77e72c30833f608db5d101858fc133be

  • SSDEEP

    6144:YyOuV9BnHxmMI32YRBzlWvz7JkKc3RmDTq9+UCwz/CRKwwcwgRi+3NNwyqBbA21V:Yy5PpHxPOzl+f6KqR2T8+USAwwjmNdN0

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

famous147.ddns.net:8089

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    20

  • install

    false

  • install_folder

    %AppData%

aes.plain
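The extracted configuration above is already a complete set of hunting indicators: a C2 host and port, a mutex name, a sleep delay, and an install flag that is false (so the sample is not expected to copy itself to %AppData% or add a startup entry). The following Python, added here as an example and not part of the sandbox report or the AsyncRAT project, turns those fields into checks and runs them over Sysmon-style log lines. The config values are copied from the report; the log lines, the dynamic-DNS suffix list, and the log field layout are constructed for the demonstration.

```python
"""Turn the extracted AsyncRAT config into host/network hunting checks.

Added example; not part of the sandbox report. Config values are taken from
the report above, the log lines and field layout below are constructed.
"""
import re
from dataclasses import dataclass

# Copied from the "Malware Config" section of the report.
CONFIG = {
    "family": "asyncrat",
    "version": "0.5.7B",
    "botnet": "Default",
    "c2": "famous147.ddns.net:8089",
    "mutex": "AsyncMutex_6SI8OkPnk",
    "delay": 20,            # seconds to sleep before the first beacon
    "install": False,       # no self-copy to install_folder, no persistence expected
    "install_folder": "%AppData%",
}


def parse_c2(c2: str) -> tuple[str, int]:
    """Split a 'host:port' C2 entry and validate the port range."""
    host, _, port = c2.rpartition(":")
    if not host or not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"malformed C2 entry: {c2!r}")
    return host.lower(), int(port)


def is_dynamic_dns(host: str) -> bool:
    """Free dynamic-DNS providers are a common RAT C2 choice.
    The suffix list is an assumption for this example, not from the report."""
    return host.endswith((".ddns.net", ".duckdns.org", ".no-ip.org"))


def expected_artifacts(config: dict) -> list[str]:
    """What the install flag means for on-host triage."""
    if config["install"]:
        return [f"copy of the sample under {config['install_folder']}",
                "a startup entry pointing at that copy"]
    return ["sample runs from its original path (install=false)",
            f"no copy expected under {config['install_folder']}"]


@dataclass
class Hit:
    line_no: int
    reason: str


def hunt(log_lines: list[str], config: dict) -> list[Hit]:
    """Scan text log lines for the C2 host/port and the mutex name.
    Lines mimic Sysmon EID 22 (DNS query), EID 3 (network connect) and a
    handle listing; the exact field names are a constructed assumption."""
    host, port = parse_c2(config["c2"])
    dns_re = re.compile(r"QueryName:\s*" + re.escape(host), re.I)
    net_re = re.compile(r"DestinationHostname:\s*" + re.escape(host)
                        + r".*DestinationPort:\s*" + str(port) + r"\b", re.I)
    mutex_re = re.compile(re.escape(config["mutex"]))
    hits = []
    for n, line in enumerate(log_lines, 1):
        if dns_re.search(line):
            hits.append(Hit(n, f"DNS lookup of C2 host {host}"))
        elif net_re.search(line):
            hits.append(Hit(n, f"connection to C2 {host}:{port}"))
        elif mutex_re.search(line):
            hits.append(Hit(n, f"mutex {config['mutex']} present"))
    return hits


# Constructed log lines for the demo (203.0.113.7 is a documentation address).
SAMPLE_LOGS = [
    "EventID: 22 Image: C:\\Users\\user\\OJSeFyaLzDF0XdG.exe QueryName: famous147.ddns.net QueryResults: 203.0.113.7;",
    "EventID: 3 Image: C:\\Users\\user\\OJSeFyaLzDF0XdG.exe DestinationHostname: famous147.ddns.net DestinationIp: 203.0.113.7 DestinationPort: 8089",
    "EventID: 3 Image: C:\\Windows\\System32\\svchost.exe DestinationHostname: update.example.net DestinationPort: 443",
    "handle: \\Sessions\\1\\BaseNamedObjects\\AsyncMutex_6SI8OkPnk (Mutant) pid 4120",
]

if __name__ == "__main__":
    for hit in hunt(SAMPLE_LOGS, CONFIG):
        print(f"line {hit.line_no}: {hit.reason}")
    for note in expected_artifacts(CONFIG):
        print("note:", note)
```

Because the C2 is a dynamic-DNS name, the resolved IP is not a stable indicator; hunt on the hostname and the port, and re-resolve at the time of the investigation.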

Targets

    • Target

      OJSeFyaLzDF0XdG.exe

    • Size

      523KB

    • MD5

      62fde40de2248ee19d5c657238b38c5a

    • SHA1

      70fe5d51b3b0bc0a4ea041f134bbbf91c58038c0

    • SHA256

      f0e61a30a68cacde89ef636511dfae2b488bcbe9b47053c3afc0718d66324f70

    • SHA512

      bb6bd64ff64a8729a748889c007ac2b8dc61eef5a181d4e5284f8d03b6e71a974580aec36f8beac7f480fe416fa759756a716894c12c9e9a1320520a9bf39465

    • SSDEEP

      12288:gvYApSXICFZ6kg/gc+nE9xxi1VnXK1EU6fRJ:gjpQICfgyEv

    Score
    10/10
    • AsyncRat

      AsyncRAT is an open-source .NET remote access trojan designed to remotely monitor and control other computers.

    • Async RAT payload

    • Suspicious use of SetThreadContext

      Rewriting a thread's context is a step of process hollowing and other thread-hijacking injection; on its own the signature does not say which process was targeted.
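The SetThreadContext signature is a behavioural flag, not proof of a specific injection target. What a sandbox typically keys on is the ordered call pattern of process hollowing: a child created suspended, memory written into it, its main thread's context rewritten, then the thread resumed. The following Python, added here as an example and not code from the sandbox or the AsyncRAT project, checks an API trace for that ordered sequence per child process. The trace format (one dict per call with a `target_pid` field) and the trace contents are constructed assumptions; the report does not name which process the sample touched.

```python
"""Flag the process-hollowing call pattern behind the
'Suspicious use of SetThreadContext' signature.

Added example, not from the sandbox or the AsyncRAT project. The trace
format and contents are constructed; 'target_pid' stands in for the
handle-to-process resolution a real tracer would have to do.
"""
from collections import defaultdict

CREATE_SUSPENDED = 0x4   # dwCreationFlags bit for CreateProcess

# Calls that classic hollowing performs on the child, in this order.
# Other calls (NtUnmapViewOfSection, VirtualAllocEx, ...) may be interleaved.
HOLLOWING_STEPS = ("WriteProcessMemory", "SetThreadContext", "ResumeThread")


def find_hollowing(trace: list[dict]) -> list[dict]:
    """Return one finding per child that was created suspended, had memory
    written into it, had a thread context set and was then resumed."""
    created = {}                # child pid -> (parent pid, index of creating call)
    touched = defaultdict(list) # child pid -> api names that targeted it, in order
    for i, call in enumerate(trace):
        if (call["api"] == "CreateProcessW"
                and call["args"].get("dwCreationFlags", 0) & CREATE_SUSPENDED):
            created[call["ret"]["pid"]] = (call["pid"], i)
            continue
        target = call["args"].get("target_pid")
        if target in created:
            touched[target].append(call["api"])

    findings = []
    for child, (parent, idx) in created.items():
        # ordered-subsequence test: each step must appear after the previous one
        it = iter(touched[child])
        if all(any(api == step for api in it) for step in HOLLOWING_STEPS):
            findings.append({
                "parent_pid": parent,
                "child_pid": child,
                "image": trace[idx]["args"]["lpApplicationName"],
            })
    return findings


# Constructed trace: one hollowing sequence and one benign suspended create.
SAMPLE_TRACE = [
    {"pid": 4120, "api": "CreateProcessW",
     "args": {"lpApplicationName": "C:\\example\\host.exe", "dwCreationFlags": 0x4},
     "ret": {"pid": 5328}},
    {"pid": 4120, "api": "NtUnmapViewOfSection", "args": {"target_pid": 5328}, "ret": {}},
    {"pid": 4120, "api": "VirtualAllocEx", "args": {"target_pid": 5328, "size": 0x4E000}, "ret": {}},
    {"pid": 4120, "api": "WriteProcessMemory", "args": {"target_pid": 5328, "size": 0x4E000}, "ret": {}},
    {"pid": 4120, "api": "SetThreadContext", "args": {"target_pid": 5328}, "ret": {}},
    {"pid": 4120, "api": "ResumeThread", "args": {"target_pid": 5328}, "ret": {}},
    # A debugger-style attach also creates suspended, but writes nothing.
    {"pid": 900, "api": "CreateProcessW",
     "args": {"lpApplicationName": "C:\\tools\\app.exe", "dwCreationFlags": 0x4},
     "ret": {"pid": 901}},
    {"pid": 900, "api": "ResumeThread", "args": {"target_pid": 901}, "ret": {}},
]

if __name__ == "__main__":
    for f in find_hollowing(SAMPLE_TRACE):
        print(f"pid {f['parent_pid']} hollowed pid {f['child_pid']} ({f['image']})")
```

Requiring the full ordered sequence, rather than any single SetThreadContext call, is what keeps debuggers and legitimate suspended-process launchers out of the results; the benign entry in the trace is there to show that distinction.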
