General

  • Target

    transfer.sh_17thKg_Ta.zip

  • Size

    2.4MB

  • Sample

    230504-ml58bade3x

  • MD5

    6d136d94c1a14c65ba3a6b2b09a491a9

  • SHA1

    3ee0979ad276b54311ba24cff4b73cf5de8711e2

  • SHA256

    042ece478eb57f80509a6b318e33830ccd144ff187197a91cb5e9451a4918ec1

  • SHA512

    814c5b5e379ad6b037a5a2c4ade281bb770194157b9e72673583b8c3788eaf6f2f3c053e67236f6061e11623d4fba4ca8217a8e3f61c3f3bc32d86ddff28a310

  • SSDEEP

    12288:KklVV+u9dWbjVpGNGGzsJvVnMal6h84q1B/CC:Kk3VCfVeFKtMawaBp

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

45.81.243.217:6606

45.81.243.217:7707

45.81.243.217:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Ta.exe

    • Size

      1024.0MB

    • MD5

      2cae069aa7b7d01aa0518ce54131e797

    • SHA1

      484f33776492a78958914c3a637615e30b3acebb

    • SHA256

      3ae0b6a4b5f4733df33d3962f6911c32d0e21e119fb3dfb93598460f67ff17ff

    • SHA512

      b23b27ae9431846223442da391e9d3d7cc4fc9f30603c8283b03da47f0994cc8a8b22a60d90e36faadeb22f6e70bbd4a6fb1fa5816e411e228158c771ab93275

    • SSDEEP

      12288:l4mT/RcXtvyJdBQhXVQpmDv4alfZqby13caYgd2D0gjDsTrU:l4C/6XtvWBmQpmT4gcaYgdBgjDsPU

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

MITRE ATT&CK Matrix

Tasks