General

  • Target

    tmp

  • Size

    1.6MB

  • Sample

    230321-x6g2bsef8w

  • MD5

    d471c60c722d28f48d655e8da694492c

  • SHA1

    84c088150de4279c44bfafde87cb011672014c85

  • SHA256

    da8ab48c3755f40de30675464a882a998a4caedf2de60ce90857d8d78b3887f8

  • SHA512

    575fff6c39f42fd999bde3697201f8db9cdb790bff0aab307d1b564b223df9c574312d44b32132ceb367acadb3f4d8f1fbe4f7c91bef2df6b64ba954479e0d69

  • SSDEEP

    49152:FA2nh+dhFVOS/LrS/sF7l3YHOZ4dpVvnyHBXZBsN52xfmU9N:eldhbOAS/sF7lmOZ41vnyHBTwoxfmU

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    45.151.135.235
  • Port:
    21
  • Username:
    123
  • Password:
    123

Extracted

Family

asyncrat

C2

61.160.213.14:8848

Mutex

xihongshi

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload
