General

  • Target

    3148-172-0x0000000000400000-0x0000000000416000-memory.dmp

  • Size

    88KB

  • Sample

    230501-fyy67see46

  • MD5

    26a0162378d4b0f77252007366e09daa

  • SHA1

    13e04efc9d498379afb0976362e59dc661bb03ca

  • SHA256

    64743f796733b414b1d99bebc0116e9d98540d16e529d7ad5f9eb6e6f273b075

  • SHA512

    1a390ee6b3d027f05b1aac75b5f3d606a12e52e8d9b6918687c80b36d65747d0dbb11353c4d363fea298533814f44e6a5598f8cd00023ea5430553bbd43eda0e

  • SSDEEP

    1536:J2wukvF1ak9gcKu5UYFX1UMxvUb0JUM0I1g/ln6PrQTGpx:J2dkvF1ak9Ku5UYFFRMb0l0ILGqx

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

ghoss.freeddns.org:6606

ghoss.freeddns.org:7707

ghoss.freeddns.org:8808

Mutex

AsyncMutex_6SI68OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      3148-172-0x0000000000400000-0x0000000000416000-memory.dmp

    • Size

      88KB

    Score
    1/10
