Overview

overview

10

Static

static

1

tmp.exe

windows7-x64

10

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    1.6MB

  • Sample

    230325-h5cynabf48

  • MD5

    5678ffe992f1f9fb474f53a53d9bc80e

  • SHA1

    f9de2ca090a9a7a923d3f9601f5770c2e5aa522a

  • SHA256

    e078e95b10f73c4cb6f5071328c9e82549ef9b29db19676211325e32daeb29ac

  • SHA512

    e4e54c1f4cf8ea1f93433fa6527f5b4a940b2ebc9ec9f9569f83e5279959f02caa884c73074815ab7a2b049a05a63326686880852478ad8d2e02df933c23518e

  • SSDEEP

    49152:PGzhJUJm6XH9st815Vf7gAGTd6lombxArJkEmdW1uiOf5XXEkbmt:OTUJm6NK815Vf7gfd6lVxArJk5YuHf5H

Score
10/10
asyncratrat

Malware Config

Extracted

Credentials

  • Protocol:     ftp
  • Host:
    45.151.135.235
  • Port:
    21
  • Username:
    123
  • Password:
    123

Extracted

Family

asyncrat

C2

103.148.186.105:8848

Mutex

发我沙发沙发擦

Attributes
  • delay

    1

  • install

    false

  • install_file

    202303024.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      tmp

    • Size

      1.6MB

    • MD5

      5678ffe992f1f9fb474f53a53d9bc80e

    • SHA1

      f9de2ca090a9a7a923d3f9601f5770c2e5aa522a

    • SHA256

      e078e95b10f73c4cb6f5071328c9e82549ef9b29db19676211325e32daeb29ac

    • SHA512

      e4e54c1f4cf8ea1f93433fa6527f5b4a940b2ebc9ec9f9569f83e5279959f02caa884c73074815ab7a2b049a05a63326686880852478ad8d2e02df933c23518e

    • SSDEEP

      49152:PGzhJUJm6XH9st815Vf7gAGTd6lombxArJkEmdW1uiOf5XXEkbmt:OTUJm6NK815Vf7gfd6lVxArJk5YuHf5H

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks