General

  • Target: BlitzedV12.rar
  • Size: 6.2MB
  • Sample: 221218-qadkpsca88
  • MD5: a761c36b5b2d81bfa2324e0151acbf81
  • SHA1: 1ea35051bcbe30cb6a5d97bd3d808932e90309dc
  • SHA256: 198c9594ebe8dd5848bf1bcbeb960c73e3157fd948e0a2d81fefcb01059eee73
  • SHA512: cbaaee6135f918d12034fc310c912945b6a3f982b1fb7fb3ac44fd03d38cf8f49ca06d261b01c24705f6b96aa1b37b7a202580095a77743c9ce619061d1fe3e2
  • SSDEEP: 196608:ak9zhu/EnipAyVubn1VoJsLm2cMy8RSzGQRt:Xc/KipAZnDRm/8gSSt

Malware Config

Extracted

  • Family: asyncrat
  • Version: 1.0.7
  • Botnet: Default
  • C2: 37.19.210.29:60371
  • Mutex: Microsoft_Supportinstall
  • Attributes
      • delay: 1
      • install: true
      • install_file: FrontEnd.exe
      • install_folder: %AppData%

aes.plain

Targets

    • Target: BlitzedGrabberV12.exe
    • Size: 4.9MB
    • MD5: c0183c980180cf92b8e97147ba0d03a3
    • SHA1: 76d3a0dfefdb3ccae572456dda604901975fcd4f
    • SHA256: 43ffd2c3994e283df7cf249b1a7355f45466f60457dc7756b05d5cda7cf73b00
    • SHA512: bc6caddb6bdcc14876612d0b059edadabc280e6ad2c6df3dacfa366e99ddb61425970bcddc5d29d5aed9480808e1dc855eaf36e026a9d3c6570b6b6ab7c85ba7
    • SSDEEP: 98304:y+49wi73fWclJFwyqVDUjBJkqGTZj8Vu3Bjjd8oJ1jz0n:yR/jfz7ayqVDUjBJBG6o3BmoJ1a

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Target: Resources/UltraEmbeddable.exe
    • Size: 465KB
    • MD5: b6b77d0798d39d7fadd69784c4e47c30
    • SHA1: 967af699bd9e0f2f20b0743323e5cdd6c3767ea2
    • SHA256: e5c9880090d757207a5cd373f5e1d20c42d7486c742b3a30a2ee741a7aef5ef8
    • SHA512: 5140dcebbeb53c8e74364de824d78d6c5fddcfa08f0ac38ff0d898e71bf4f8630f3b529571a7f64be00981e83af7f85a9b6665aedfaf7f0720995fae8a8e28d6
    • SSDEEP: 12288:MXUNgkAIMflOWTUpGY5ObqRKd6G2nHVxxd/2KO:QUNdJMNOWTUQveYd6fHnxsKO

    Score: 3/10
