General

  • Target

    8db2a00346e1f71bbef2ee20782bbd06.bin

  • Size

    23KB

  • Sample

    230331-b6jz2ahe91

  • MD5

    459fddfaef5132d9f6a33d042a167cc9

  • SHA1

    45567208b8dbec6e962a1b366c9eda76259f70db

  • SHA256

    b410d0a6830ecbfa6b7a05c2fe53ad999a12c7aec0250614e27ad31aa018b2c1

  • SHA512

    30255fcc2542536614e10da9334b236e1844a01671d8b7110497e929d72f91885f82252788d237d59b9a033047412ea43ce48ac91d60c33fc10e1f4eea8d0f3e

  • SSDEEP

    384:lzCjp5FpPlUhNojg6KAKPuZWvxGSzcSlCa1t7/10r+eGlIbLxrqbAi0sAVE3/E3:lYuvo06HWvxNwSlCAt7SrRfxqfkEW

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

127.0.0.1:8848

127.0.0.1:33901

spring-consultation.at.ply.gg:8848

spring-consultation.at.ply.gg:33901

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      d0279ffc1699fc3ea4bf32245326f6eb7dbc78aa14e221e7369c7131b057c4ff.exe

    • Size

      48KB

    • MD5

      8db2a00346e1f71bbef2ee20782bbd06

    • SHA1

      d4268a671b6799d9788915ce18ef3374da3ed0bd

    • SHA256

      d0279ffc1699fc3ea4bf32245326f6eb7dbc78aa14e221e7369c7131b057c4ff

    • SHA512

      d5720550ce290051eab4554a614e230e1a78084526ce45c1e70545d164ce3211a6932846d5dca89471bffd06a4fbd719aa9b853d14c32787abe90bcad301a528

    • SSDEEP

      768:Z9umxLiIL1CaS+Dimhs1+Ei7dYbIgeGTTQhvEgK/JzZVc6KN:Z9uAPWm++rmbf5TGnkJzZVclN

    Score
    10/10
    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Async RAT payload
