asyncrat | ca996879772f9d586eb1587fba81f50452692bb8abb01e0569c67e357b11de06 | Triage

Sharing

General

Target

764-290-0x0000000000400000-0x0000000000412000-memory.dmp
Size

72KB
Sample

230218-cflllsaa3z
MD5

9a86660e18faf7931b15f9c41db14b38
SHA1

caea2e7dfa1873330adef8739c1bf18b651fefc7
SHA256

ca996879772f9d586eb1587fba81f50452692bb8abb01e0569c67e357b11de06
SHA512

f72be997ff39f1a132d512d261cdaa7719abe8aba648b9e57808e8a566f182bb3121103d04ce72f8a8aed715743550b4071f5cfe978bc8b7612c6234e1e774b9
SSDEEP

1536:iukzVT0Mq12MH2OCw3bsXS3EFoB7TeVUdmx:iukxT0MY2U7Cw3bsIky7EUsx

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

100.42.65.218:8080

100.42.65.218:6606

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_file
winsyd.exe
install_folder
%AppData%

aes.plain

Targets

- Target
  
  764-290-0x0000000000400000-0x0000000000412000-memory.dmp
- Size
  
  72KB
- MD5
  
  9a86660e18faf7931b15f9c41db14b38
- SHA1
  
  caea2e7dfa1873330adef8739c1bf18b651fefc7
- SHA256
  
  ca996879772f9d586eb1587fba81f50452692bb8abb01e0569c67e357b11de06
- SHA512
  
  f72be997ff39f1a132d512d261cdaa7719abe8aba648b9e57808e8a566f182bb3121103d04ce72f8a8aed715743550b4071f5cfe978bc8b7612c6234e1e774b9
- SSDEEP
  
  1536:iukzVT0Mq12MH2OCw3bsXS3EFoB7TeVUdmx:iukxT0MY2U7Cw3bsIky7EUsx
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ratdefaultasyncrat

behavioral1

behavioral2