General

  • Target

    Ta.zip

  • Size

    2.4MB

  • Sample

    230425-tbxazsbc59

  • MD5

    44af1bf0df36ae50c1195b9331dbef1d

  • SHA1

    a2ab6964d5aeb57f3f54d59b0af4eb76e843f902

  • SHA256

    f37bd1c01d5b6e9b5d0cab196b7808994af8daecfd25231846d1f49f7e1a092b

  • SHA512

    6f212279f59a8a312a2a58bca05fb567623c80a6a156e1913855ba8d98c7a090c47098480c5212a65573842d0f69deb2d32d28521cb49971dddc52bb4baf295c

  • SSDEEP

    12288:9CDxdEl2aB9GfUh2m3Nx+3ezaBn6quJqm1xEsDO/AAO4CW+1RjxGD:9CDxul2aB9RhBb+ylysCAsCpxGD

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

45.81.243.217:6606

45.81.243.217:7707

45.81.243.217:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Ta.exe

    • Size

      1024.0MB

    • MD5

      4e021298f15e0668260f9d3e60656fc0

    • SHA1

      4d92312025ea9e770d349179704e7e15b849f424

    • SHA256

      52347bf9c35de733f0ee41dd83e2b1073551fcc5179895a5b217fcb5820f413e

    • SHA512

      e8c1477b11fe8e8cb091f5b895bbcc8fa44275c4d5de1bd1d7621d7b9ec291f184ccfd16060ee438d1136b3a889b056d347cb0b667b63b1d3a581aeaf69d308c

    • SSDEEP

      12288:A4mT/RcXtvyJdBQhXVQpwDv4alfZqby13caYgd2DJfYghzmr:A4C/6XtvWBmQpwT4gcaYgd2f6r

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
