General

  • Target

    01206099.exe

  • Size

    698KB

  • Sample

    230529-j7fm1abb3y

  • MD5

    acca46dd166c04133d2916b8d780e245

  • SHA1

    e426111a0a29367369a81219161e7577158f0204

  • SHA256

    127c167eab781efef570aaa089b6a66141953dc700beb9f5d5ba4cfa6ae4c97d

  • SHA512

    e603a3c651c612edc29bfbb0e688b75e4faa8e7b96a94dbb860d404191d04f1a1ea488302aa4516f778922bb866014591963732cb42e67f608db90411f1a5004

  • SSDEEP

    6144:XWoSFtKEx6Ixb26rQ7jnr83cVcg6fBuBuDuHJMJlFRQJfYyu2gHuFdfYJFuVBiLQ:XYxa/7jn7lTMZod7Y8

Score
10/10

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
