General

  • Target

    ORDER-MTC04RFQGENZAK1220637501220524622023.exe

  • Size

    887KB

  • Sample

    230307-jp48msgf4y

  • MD5

    95ac8bb99267f46e20857b7caf76a6e0

  • SHA1

    3182546c9062b070561dab1962898a4c0dca6087

  • SHA256

    6a9fbdd219a7ccbb64cdc17ab06f17f2964414c3b4ed5dfe69dac4aafe308300

  • SHA512

    b9edf8b879511d544c37129872081ec6b4273f53a57c285052d9aec0a742898173b098c8e0e18679eb9ad563f0ad42a997ca910a17f38ee93099ceb05b823526

  • SSDEEP

    12288:jUrXlUMk+/FF7phaWVLuIwlAfDbAbg5dMS7TYH5Z8h4R2Yb4cXBZ:jUzlUMkgF7pxVLxDj5dM1H5yYb7XBZ

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

milanooffice.hopto.org:6606

milanooffice.hopto.org:7707

milanooffice.hopto.org:8808

milanooffice.hopto.org:4040

milanooffice.hopto.org:5058

milanooffice.hopto.org:80

51.68.180.4:6606

51.68.180.4:7707

51.68.180.4:8808

51.68.180.4:4040

51.68.180.4:5058

51.68.180.4:80

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    true

  • install_file

    adobe.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks