General

  • Target

    bN39.exe

  • Size

    66KB

  • Sample

    230614-vnkcmabf94

  • MD5

    7b439e2b88bad323ade65a03b9e2303d

  • SHA1

    3dc9749dc480d00097873f1fbb263bb25dc83f49

  • SHA256

    fd5b9cbb176cfea7cb3ba0b8f10e323eb1a9c1a914a0ab9182aa033c8ea18429

  • SHA512

    f054a3922c7e05c0e3dee83c21a53237e3021dd71d32a83e982b84361825fddb281edc33c2a3efa505d558d4339a73400742182289f8ded2d0bda831cfc85833

  • SSDEEP

    1536:z2wukvF1ak9gcKu5UYF/cyh+90PfSbuNvQRvo/px8AAZc5HrPlTGFx:z2dkvF1ak9Ku5UYF/LnHSbuNveovrAZ5

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

walder08.duckdns.org:8000

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      bN39.exe

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
