Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

YYY.exe

windows7-x64

10

YYY.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    YYY.exe

  • Size

    294KB

  • Sample

    230604-s22gysdc2y

  • MD5

    62e48038a1105d8445b0f539b250a2ad

  • SHA1

    f592671e524814bb585b61ecf3c6fea16c724ae8

  • SHA256

    0b34d688a6c36cf55e1c18d22523f62a7fba025cc2035e0c163abd50288ae539

  • SHA512

    3a8874013fa64019b80788d0f32054e59ee56ef8e25188a51026d562212473c6961b7be46eddda11d3babeeb463656ea7c43f48298cde8184a59373ef38a9393

  • SSDEEP

    6144:XA2Q6m116ut7IBtDulkUcSEY0EWZOdnPtx2Tk5Kvj5:X5ObIBtxLSpXWYJPb2o5q

Score
10/10
asyncratrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6A

C2

richard4545.loseyourip.com:6606

richard4545.loseyourip.com:7707

richard4545.loseyourip.com:8808

richard4545.loseyourip.com:3850

richard4545.loseyourip.com:3845

103.212.81.152:6606

103.212.81.152:7707

103.212.81.152:8808

103.212.81.152:3850

103.212.81.152:3845
Mutex

cccphnbynt

Attributes
  • delay

    5

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      YYY.exe

    • Size

      294KB

    • MD5

      62e48038a1105d8445b0f539b250a2ad

    • SHA1

      f592671e524814bb585b61ecf3c6fea16c724ae8

    • SHA256

      0b34d688a6c36cf55e1c18d22523f62a7fba025cc2035e0c163abd50288ae539

    • SHA512

      3a8874013fa64019b80788d0f32054e59ee56ef8e25188a51026d562212473c6961b7be46eddda11d3babeeb463656ea7c43f48298cde8184a59373ef38a9393

    • SSDEEP

      6144:XA2Q6m116ut7IBtDulkUcSEY0EWZOdnPtx2Tk5Kvj5:X5ObIBtxLSpXWYJPb2o5q

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks