General

  • Target

    60942c91f8c93b25ecae592416c2abda09501642f4b20d183fd4c00ff14b0893.zip

  • Size

    5KB

  • Sample

    230604-hv3rbsca4y

  • MD5

    3e1f5223fa9190f0d0c1423a96ba5661

  • SHA1

    ba36b070daf401e68abf27d9ea8fd274db2fe516

  • SHA256

    b5480d77937f20bad7696c2d03583115fac869fa81baad0bacd2516a0e2e7af5

  • SHA512

    102c0097071a8c04860d486de9c8e3988ebed0a9852c12006f5da729a6f624945823107872806098a66e36057264c9fa1a6fb2d358c2d1b1de714cc5c017e9c7

  • SSDEEP

    96:MVYeXwzau8UFlxvG0F6BB8pQZR5V8sfWAieYFFesJcxsZe0Rsrrsj9py8VvTzQWv:FL8UF/vvzpQjnDtifPXcxsZe8srC4If

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

PortHack 1.0.0

Botnet

Default

C2

103.127.236.137:8848

Mutex

DcRatMutex

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      60942c91f8c93b25ecae592416c2abda09501642f4b20d183fd4c00ff14b0893.exe

    • Size

      12KB

    • MD5

      2c852ee875d88f0a12178bfd12e6c512

    • SHA1

      29d5569fb557aac2b4b06fe80cdb38f7c49be635

    • SHA256

      60942c91f8c93b25ecae592416c2abda09501642f4b20d183fd4c00ff14b0893

    • SHA512

      11b2b8d661965a251950b65f182223115e10cd8fb1f82096ad9cf05b18480f52922275cb0485a12612b9c965969a410d1ee94cceeac6508ba4553793119e8984

    • SSDEEP

      192:94vwAClvuA+j6y++UE/3oDHrupJxrZNymGh8+kzYcECWm8PLJ:yoAcuA+j6ydUE/3kHqpJxrZNymGhbkzk

    Score
    10/10
    • AsyncRat

      AsyncRAT is a tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL
