General

  • Target

    bKUy.exe

  • Size

    63KB

  • Sample

    230327-12wkpshe4t

  • MD5

    9bd557d5267ebfb6baaf4a21a66ed2c6

  • SHA1

    3c2c2b3bc380622464e99555df6da3a3830b7460

  • SHA256

    486d9c1f259ee472964bf817ed2b8e218440f7b1145230ff8cbba6a3da3c8f55

  • SHA512

    7f5f670e16bf389a46dfe67bbf9e6eea5232054a5014f087e14338c14fe9f4aa7e7cfde783638bea7cb51f648d98c67f1762856a7282bc4276a56435bc4fbde7

  • SSDEEP

    1536:zhp5LrUwk4Xq0WdZeeiMl8GbbXwI1vNGRZVclN:zhp5LrUwk4XqdMeFmGbbXRUzY

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

dcleomessi.duckdns.org:4243

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      bKUy.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

1
T1012

Tasks