Overview

overview

10

Static

static

1

dotNetLoader.exe

windows7-x64

3

dotNetLoader.exe

windows10-2004-x64

10

Resubmissions

13-02-2023 08:58

230213-kxd7vscb35 10

10-02-2023 22:44

230210-2n46csgg5w 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dotNetLoader.bin

  • Size

    137KB

  • Sample

    230210-2n46csgg5w

  • MD5

    4a500e5d391f84b7c4e93b767964c0d8

  • SHA1

    a4f090fd514cc9e59c62b8956eb95dab6106d760

  • SHA256

    3c37d7351c091a9c2fce72ecde4bcd1265f148dc3b77017d468e08741091bc50

  • SHA512

    8dfc13eb5a573d900ed4722b53ff10095a2391c91c490878808461275f4e6acff8896b1ffabe37b593eaa1cbb3b1b3d86f91abcf8950a51874699a98a69ef283

  • SSDEEP

    3072:sOkOF8tLK2I3ORbspUy3r5c61aW4zOEbwG/EiLQPsIZlglo7Y91:sOkOF8Ne3xSy3r5VoW32EP7klt9

Score
10/10
asyncratrat

Malware Config

Targets

    • Target

      dotNetLoader.bin

    • Size

      137KB

    • MD5

      4a500e5d391f84b7c4e93b767964c0d8

    • SHA1

      a4f090fd514cc9e59c62b8956eb95dab6106d760

    • SHA256

      3c37d7351c091a9c2fce72ecde4bcd1265f148dc3b77017d468e08741091bc50

    • SHA512

      8dfc13eb5a573d900ed4722b53ff10095a2391c91c490878808461275f4e6acff8896b1ffabe37b593eaa1cbb3b1b3d86f91abcf8950a51874699a98a69ef283

    • SSDEEP

      3072:sOkOF8tLK2I3ORbspUy3r5c61aW4zOEbwG/EiLQPsIZlglo7Y91:sOkOF8Ne3xSy3r5VoW32EP7klt9

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers.

      ratasyncrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks