Overview

overview

10

Static

static

1

c198797761...b7.exe

windows7-x64

10

c198797761...b7.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    b3f843bc2d8b46f4bc7e6a4fb9a2abbb.bin

  • Size

    804KB

  • Sample

    230508-b55v4sad5z

  • MD5

    481fc122273219ebf4a087aa727c9e59

  • SHA1

    e75cb2645486f17e16f95c84e32941d59137daf6

  • SHA256

    2955056e0388f90034c6888b08cc5218f9c4ea82cfc1ed52329ac64326a8affd

  • SHA512

    d5d902d9d4a3ea7ee8618215506096f6ab3638aa894ac58e27bdb82d6c1d4dc902d1855858f489ff9511e0ca63b40cdd983909c694be8ee90281a9dae7cbc728

  • SSDEEP

    24576:FQmxfo5SVP25jf95HFrg4JSuf+1CsBC8M:2oA5SVPMjRg+SufpLL

Score
10/10
asyncratpersistencerat

Malware Config

Targets

    • Target

      c198797761647a41cab0f6ef6eb899059d3f3a875e841e7a88164f29ccf2a5b7.exe

    • Size

      1.2MB

    • MD5

      b3f843bc2d8b46f4bc7e6a4fb9a2abbb

    • SHA1

      3a7e809c91de7c73d57c11c55a4643bb1992986d

    • SHA256

      c198797761647a41cab0f6ef6eb899059d3f3a875e841e7a88164f29ccf2a5b7

    • SHA512

      f3dd01a1a0967df7db0742c724d512dcc3800aaf42ac06f3753afcc6ce24dd451d71a038430bdc5a83ad3ebadefb06076faa098e83823395d4541307ebdf7379

    • SSDEEP

      24576:ehie9LTEx/lAo29YFUie8hh7pdBXoOPspu3m:kP5oYYph7pLoYTm

    Score
    10/10
    asyncratpersistencerat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks