Overview

overview

10

Static

static

a.exe

windows7-x64

10

a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a.exe

  • Size

    1.4MB

  • Sample

    221203-jttmpsfh79

  • MD5

    8a627782b855f06a3d6d273d11f04f46

  • SHA1

    30570c697533fc3fc7a19ad5d4bc3753f2cf1c0b

  • SHA256

    f0b7a0368fc27d98d42efd4e9c9dd2c252e5fcaaf13ffd67b3c545ec5b1c53e9

  • SHA512

    211fed71bcb75201380921a7de7bf8b88c451a5125f751be616a1775ad3c6a1d59ecc77aa997b053583c1a7d6419e4cfa8ff9bc99d50d1440bf34943d2c1a578

  • SSDEEP

    24576:xirh2DKsuoIj4G6KFined4e5+MRicaRT4D2aKpq9ZEjrTnFOyzhyz:Ir0DfFpG6S68+KaRTWNKpEEfTnF

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

XieBroRAT-1.7

Botnet

Default

C2

127.0.0.1:8880

8079048a.e2.luyouxia.net:8880
Mutex

gorousdwoqxqqq

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      a.exe

    • Size

      1.4MB

    • MD5

      8a627782b855f06a3d6d273d11f04f46

    • SHA1

      30570c697533fc3fc7a19ad5d4bc3753f2cf1c0b

    • SHA256

      f0b7a0368fc27d98d42efd4e9c9dd2c252e5fcaaf13ffd67b3c545ec5b1c53e9

    • SHA512

      211fed71bcb75201380921a7de7bf8b88c451a5125f751be616a1775ad3c6a1d59ecc77aa997b053583c1a7d6419e4cfa8ff9bc99d50d1440bf34943d2c1a578

    • SSDEEP

      24576:xirh2DKsuoIj4G6KFined4e5+MRicaRT4D2aKpq9ZEjrTnFOyzhyz:Ir0DfFpG6S68+KaRTWNKpEEfTnF

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Async RAT payload

      rat

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks