General

  • Target

    3296-147-0x0000000000400000-0x000000000043A000-memory.dmp

  • Size

    232KB

  • Sample

    230307-jxktzahc88

  • MD5

    1097159c8d7d96f8c25fce7ec8f95dff

  • SHA1

    46f922d7f3cd8222359a73367c3a773d8aadc3d9

  • SHA256

    94d1160b0d7f3adba5141d45a3b64071ddd9cc2da817851b2305a04de22931e2

  • SHA512

    6c36c4b3ea54441564b7bed7670faa5ed3f7f2eb16075eb8551114ed2fd0dc8ee5746ac3d53977ff7076823cdbc96015f2133002145aa36637707d05146ac7f7

  • SSDEEP

    1536:2uWq1T1PsC2N20BWbbxXSOx2qqWV+Gds/NZSx:2uWGT1Pd24MWbbx8lGu/ex

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

milanooffice.hopto.org:6606

milanooffice.hopto.org:7707

milanooffice.hopto.org:8808

milanooffice.hopto.org:4040

milanooffice.hopto.org:5058

milanooffice.hopto.org:80

51.68.180.4:6606

51.68.180.4:7707

51.68.180.4:8808

51.68.180.4:4040

51.68.180.4:5058

51.68.180.4:80

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    true

  • install_file

    adobe.exe

  • install_folder

    %AppData%

  • aes.plain
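
The extracted config above is directly usable as a hunting set: every sample built from this AsyncRAT configuration will contact one of the listed host:port pairs, create the mutex AsyncMutex_6SI8OkPnk, and (because install is true) drop itself as adobe.exe under %AppData%. The following Python is an added example, not part of the sandbox report or the Triage tooling; it runs the indicators over a constructed batch of EDR-style JSON events (the event schema, field names, and the functions hunt and triage are assumptions made for this example). Note the caveat built into the network matcher: port 80 appears in the config but is ordinary web traffic, so the host or IP match carries the detection and the port only adjusts confidence.

```python
"""Match the AsyncRAT indicators extracted above against endpoint telemetry.

Added example; not part of the sandbox report. The event format is a
constructed, EDR-style JSON-lines schema (assumption), not Triage's own.
"""
import json
import ntpath

# Indicators copied from the extracted config above.
C2_HOSTS = {"milanooffice.hopto.org", "51.68.180.4"}
C2_PORTS = {6606, 7707, 8808, 4040, 5058, 80}
MUTEX = "AsyncMutex_6SI8OkPnk"
INSTALL_FILE = "adobe.exe"            # install_file
INSTALL_FOLDER = r"\appdata\roaming"  # what %AppData% expands to on Windows

# Constructed sample telemetry (assumption: one JSON object per line).
SAMPLE_EVENTS = r"""
{"type":"network","pid":3296,"image":"C:\\Users\\bob\\AppData\\Roaming\\adobe.exe","dst_host":"milanooffice.hopto.org","dst_ip":"51.68.180.4","dst_port":6606}
{"type":"network","pid":4120,"image":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","dst_host":"example.org","dst_ip":"93.184.216.34","dst_port":80}
{"type":"file_create","pid":3296,"image":"C:\\Users\\bob\\Downloads\\invoice.exe","path":"C:\\Users\\bob\\AppData\\Roaming\\adobe.exe"}
{"type":"file_create","pid":880,"image":"C:\\Program Files\\Adobe\\setup.exe","path":"C:\\Program Files\\Adobe\\adobe.exe"}
{"type":"mutex","pid":3296,"image":"C:\\Users\\bob\\AppData\\Roaming\\adobe.exe","name":"AsyncMutex_6SI8OkPnk"}
{"type":"network","pid":3296,"image":"C:\\Users\\bob\\AppData\\Roaming\\adobe.exe","dst_host":"","dst_ip":"51.68.180.4","dst_port":443}
"""


def match_network(ev):
    """C2 contact: the host/IP must match; the port only sets confidence,
    because port 80 from the config is also normal web traffic."""
    host = (ev.get("dst_host") or "").lower()
    ip = ev.get("dst_ip") or ""
    port = ev.get("dst_port")
    if host in C2_HOSTS or ip in C2_HOSTS:
        conf = "high" if port in C2_PORTS else "medium"
        return f"c2 contact {host or ip}:{port} ({conf} confidence)"
    return None


def match_file(ev):
    """Persistence drop: install_file written into the install_folder."""
    folder, name = ntpath.split((ev.get("path") or "").lower())
    if name == INSTALL_FILE and folder.endswith(INSTALL_FOLDER):
        return f"install_file dropped at {ev['path']}"
    return None


def match_mutex(ev):
    """The hard-coded mutex is the cheapest single-event match."""
    if ev.get("name") == MUTEX:
        return f"mutex {MUTEX} created"
    return None


MATCHERS = {"network": match_network, "file_create": match_file, "mutex": match_mutex}


def hunt(events_text):
    """Return (line_no, pid, reason) for every event matching an indicator."""
    hits = []
    for n, line in enumerate(events_text.strip().splitlines(), 1):
        ev = json.loads(line)
        matcher = MATCHERS.get(ev.get("type"))
        reason = matcher(ev) if matcher else None
        if reason:
            hits.append((n, ev.get("pid"), reason))
    return hits


def triage(hits):
    """Group hits by pid: a process hitting two or more indicator classes
    (c2, install_file, mutex) is confirmed; a single class is only suspect."""
    classes = {}
    for _, pid, reason in hits:
        classes.setdefault(pid, set()).add(reason.split()[0])
    return {pid: ("confirmed" if len(k) >= 2 else "suspect") for pid, k in classes.items()}


if __name__ == "__main__":
    found = hunt(SAMPLE_EVENTS)
    for n, pid, reason in found:
        print(f"line {n} pid {pid}: {reason}")
    print(triage(found))
```

Run against the constructed events, the firefox.exe connection to port 80 and the legitimate Adobe installer writing its own adobe.exe under Program Files are not flagged, while pid 3296 is confirmed by C2 contact, the %AppData%\adobe.exe drop, and the mutex together; the 443 connection to 51.68.180.4 is still reported, at reduced confidence, because the IP alone is a strong indicator.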

Targets

    • Target

      3296-147-0x0000000000400000-0x000000000043A000-memory.dmp

    • Size

      232KB

    • MD5

      1097159c8d7d96f8c25fce7ec8f95dff

    • SHA1

      46f922d7f3cd8222359a73367c3a773d8aadc3d9

    • SHA256

      94d1160b0d7f3adba5141d45a3b64071ddd9cc2da817851b2305a04de22931e2

    • SHA512

      6c36c4b3ea54441564b7bed7670faa5ed3f7f2eb16075eb8551114ed2fd0dc8ee5746ac3d53977ff7076823cdbc96015f2133002145aa36637707d05146ac7f7

    • SSDEEP

      1536:2uWq1T1PsC2N20BWbbxXSOx2qqWV+Gds/NZSx:2uWGT1Pd24MWbbx8lGu/ex

    Score
    1/10
