General

  • Target

    HBL draft 1.rar

  • Size

    508KB

  • Sample

    230609-j6pjhscc9z

  • MD5

    979382d22e0f50690dd6e114c241f07e

  • SHA1

    c792927da1135aac21b3adc984f2f78473793bec

  • SHA256

    817310b0404cb8213fe6ca4c0d5ab28c0a8a9714a2c6440f55b3b5240a66b41a

  • SHA512

    91b9144580f159dfd539f8a64ae7f662241aaf1e14304f68e52294666b56079785c69ce74df576024999a37022f0b897fea4e12a06e0636823bf52ed4f05170f

  • SSDEEP

    12288:Wt5XUBymwuMzvlD2vNh2xzjUMzZhGD9FFKtn4BKDuf8GVIc3:WfUBymwuMzNDqrGzjUOKHFYn4wDPC

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

95.214.27.44:6606

95.214.27.44:7707

95.214.27.44:8808

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      IgXNkefSCwhtVCR.exe

    • Size

      627KB

    • MD5

      c7b595da0280818998af6a5eaabeb6ed

    • SHA1

      97e0e2c7be4b44d058c4e40e75ff59582917a8e7

    • SHA256

      63b2add18bbd481c278a85e74c496918a12ea951301951134956e0b4449ebf39

    • SHA512

      01913066f42efc8dbe369239b260802a3280da9045ffd59a298acb9cb6bd9e877d9072c12cef8bee36b53ed1ed1715b4268c0cfa325aacdf5d351fb14c6eb3d2

    • SSDEEP

      12288:8Gmp0lWxMzIHREJVk/bq4izoW/m7/ePmr9eRf5ORReTed59dTqGiyxA+kqIt:dmilWxMiQW/O4ue7/ePNRROiyd+mO+k

    Score
    10/10
    • AsyncRAT

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Suspicious use of SetThreadContext
