Resubmissions

03/02/2023, 08:55

230203-kvsmgagh21 10

01/02/2023, 04:49

230201-ffm18adg8s 10

01/02/2023, 04:40

230201-fan2bsdg6z 10

General

  • Target

    a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34.bat

  • Size

    48KB

  • Sample

    230203-kvsmgagh21

  • MD5

    83875df1ddf8a47531e763f5bc140691

  • SHA1

    8d1bc0c5bceedd229b8faaf6542779726188b145

  • SHA256

    a15f29572a149a04d45b8c01daa047ec9f517077a507f8d53ac9b8a8ceed4a34

  • SHA512

    e19c020f4fe1922a4adef3dd50851514a99852b7eefa9b74e6e954f941349a60589e171a618423d0029e8d3e8568536026a1012586a74daa4d19a1ebabb701a7

  • SSDEEP

    768:xZZOUUP++sgCpDgSE2WPENq+qrD/PESqitk3Spn1eqy1nUNamt:m+qCNgNgqdj1qitvl

Score
10/10

Malware Config

Targets

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks