Overview

overview

10

Static

static

10

532-234-0x...ry.exe

windows7-x64

532-234-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    532-234-0x0000000000400000-0x0000000000414000-memory.dmp

  • Size

    80KB

  • Sample

    230323-g9esdaga3t

  • MD5

    ae2c10afceb71583e7f745e1e9268de7

  • SHA1

    c402dd56a25f952ade58433b1a46d0439f5b5c43

  • SHA256

    b09a16f6ca2d5d6186ac55a7ef991bca00e9feb824361213d25c9f4a4a85e623

  • SHA512

    3a6bec6f363784c2c4c2dedc5752d16d9cfa311b2e469982d27b46613022a4aaa8ba803f39cb3a057acb9e8744cd834fe74c22defc355cfc9bccc6b6b3d2e56d

  • SSDEEP

    1536:liiNb8k5R50WMqCqKbw1tFL+OB9isiq7Dx:liit8k5R50LqKbwhL+O7+qXx

Score
10/10
asyncratnewmekharat

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

newmekha

C2

pop11.linkpc.net:6606

pop11.linkpc.net:6666

pop11.linkpc.net:7707

pop11.linkpc.net:8808

198.244.206.24:6606

198.244.206.24:6666

198.244.206.24:7707

198.244.206.24:8808
Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      532-234-0x0000000000400000-0x0000000000414000-memory.dmp

    • Size

      80KB

    • MD5

      ae2c10afceb71583e7f745e1e9268de7

    • SHA1

      c402dd56a25f952ade58433b1a46d0439f5b5c43

    • SHA256

      b09a16f6ca2d5d6186ac55a7ef991bca00e9feb824361213d25c9f4a4a85e623

    • SHA512

      3a6bec6f363784c2c4c2dedc5752d16d9cfa311b2e469982d27b46613022a4aaa8ba803f39cb3a057acb9e8744cd834fe74c22defc355cfc9bccc6b6b3d2e56d

    • SSDEEP

      1536:liiNb8k5R50WMqCqKbw1tFL+OB9isiq7Dx:liit8k5R50LqKbwhL+O7+qXx

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks