Overview

overview

10

Static

static

10

netflix.exe

windows7-x64

10

netflix.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    netflix.exe

  • Size

    236KB

  • MD5

    8dfe7d5e97b3b58c7b8f4f48bb19b452

  • SHA1

    80c63fecc83975a938e997050f5a265d8c0be7a0

  • SHA256

    c0a7d99d37037db2f81da99a69917d62f15d3153968b85e490e004b06025c482

  • SHA512

    fc82768bc2606b5469aebac2437ff2aafaf6033b11f38492e4d20c877e94c20a169b0fc8084499f44a7a185a9f3d7181a074815eb076d0f3e38e711af94aa2c6

  • SSDEEP

    3072:q+STW8djpN6izj8mZwm4nCFKcV9DIY/qIPu/i9bkJ2ckk/k6+Wpx3QWOVFc:X8XN6W8mmmprR/XPSi9bw603QWOVF

Score
10/10
ratdefaultasyncratstormkitty

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

https://api.telegram.org/bot5727975090:AAHtVZVlSlmzYWlP3I0XhYnS7hRNbseIcCA/sendMessage?chat_id=5700309743
Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • StormKitty payload 1 IoCs
  • Stormkitty family
    stormkitty

Files

  • netflix.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections