General

  • Target

    RAT XD.exe

  • Size

    48KB

  • Sample

    230306-a6m61shd9z

  • MD5

    c8ebe326ef9b748d0eab002bdc8e8734

  • SHA1

    85b44f0a11297cf0225570d073071d2b95259184

  • SHA256

    b67eb00e04092b46c94e2ad4bb0b0a6f2443320093055c5fbf9af3c146c927ff

  • SHA512

    9965b2a8ae764dc28f5cdc324a3bd02323c8a863fa31a3690b0551f2e5c71656eab6da427ec004aea0a65f38f181192c8153f1a55d02b805d32e6af5c617b113

  • SSDEEP

    768:hpyVJ1PILsm4Y+jijtGAgiFnYb4ge3SfaKvEgK/JBhVc6KN:hpyNBwjtGWYbvCSyKnkJBhVclN

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

jjajajajajadsdwasd-27002.portmap.host:27002

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_file

    Microsoft helper.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      RAT XD.exe

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Async RAT payload

MITRE ATT&CK Enterprise v6

Tasks