Overview

overview

10

Static

static

3

Ta.exe

windows10-1703-x64

10

Ta.exe

windows7-x64

10

Ta.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    458bacf7b28381813ab395db163843e71f62a830db1e1274178c14d91d435ca6.zip

  • Size

    479KB

  • Sample

    230605-dkawcafb71

  • MD5

    0d0df84c2c8cd338aa4d8507d2868f1b

  • SHA1

    42d5e6db9b7e54ba0fc9944ebc9108d3f5ae6c61

  • SHA256

    d5dd42968a3e8d91d5ac057a5d63e6a22d247d42677ac072ec88331ec39edf98

  • SHA512

    32846aae50db40412b78daa759fe493582efa9061e52f890899c21d79752755bde5e80cd37b91936762b2ae46c0e3c3d092a0d97c660a0027698c4783da92ccd

  • SSDEEP

    12288:ly0b60lrjZne/EWQ1MzxInrYPtkhfeVgvvT:lrbhS14SIry+feVgnT

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

45.81.243.217:6606

45.81.243.217:7707

45.81.243.217:8808
Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Ta.exe

    • Size

      1024.0MB

    • MD5

      ad6af2d313b7118ff811eeaa49e740ad

    • SHA1

      f3ea74dae94644c095674bd8d1619a979388d569

    • SHA256

      4b34980497ed08e0f3958cc83b63dbf5cd84879333d176e8df5910694ec728ae

    • SHA512

      8a6cad20817c4c118c9c09a7f59b70d5fe17ee39576eedf8c27c2765e84ca45af4e12b760966f882ca148de47a81d72e90331f058e08787cb9b2150cd969ec4f

    • SSDEEP

      12288:94mT/RcXtvyJdBQhXVQprDv4alfZqby13caYgd2Dm/txt:94C/6XtvWBmQprT4gcaYgdPD

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks