General

  • Target

    81290da803280299a1cdc53cdb312c16d2fa0110e2efd0414ff54c1f8f6cc44d

  • Size

    591KB

  • Sample

    230129-1bmj4seh6w

  • MD5

    c27ab9b8069df687bbd37bad8cd4799b

  • SHA1

    8b57a7d6e4b39caf209d2796a7f395295e224512

  • SHA256

    81290da803280299a1cdc53cdb312c16d2fa0110e2efd0414ff54c1f8f6cc44d

  • SHA512

    1bb59840a3c6382dc89195ecdd569f07eeafada67c88f82a9efd8cd585acb42bc02ca3ace178d3c525baec53a62a52b80cc49eca7779d897d5b3015dc5002077

  • SSDEEP

    12288:4tzGnxqi5NXwVpwUZROtraxJET5EWWPENuutR2TT1+qVbhCu5oFX8VXJzsum:4slNXwVpQ8c6bwFEXhCu5o98VXJzHm

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

144.202.75.107:6606

144.202.75.107:7707

144.202.75.107:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_file

    Makro.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Suspicious use of SetThreadContext
