Overview

overview

10

Static

static

10

tool (1).exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    tool (1).exe

  • Size

    63KB

  • Sample

    230731-1qn2gsce3s

  • MD5

    497a25a1a4d8c5bb5c607468eb83c17a

  • SHA1

    f801376808cf918c814bcc3bcf74ab657a3e7e71

  • SHA256

    a68e26d1838ad7f2bd4eeee7f7215ac42c468f69bdf26338d292a69c8ed704ad

  • SHA512

    ecf76f7cfcdffded6c6a57dec186d05f686752942460e3e9cbad2920a9020467fa00f3af3dd9ee1023b53225500b7dd04ddc094eaa0e5f86f62da60621b78847

  • SSDEEP

    1536:XJMlzXZI8T8Kr8rVkOy0YuHeGbbm6f887GJZVclN:XJMlzXZI8T8xpy0H+Gbbm4gzY

Score
10/10
asyncratdiscordrat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

discord

C2

tr2.localto.net:38440

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    true

  • install_file

    taskhostw.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      tool (1).exe

    • Size

      63KB

    • MD5

      497a25a1a4d8c5bb5c607468eb83c17a

    • SHA1

      f801376808cf918c814bcc3bcf74ab657a3e7e71

    • SHA256

      a68e26d1838ad7f2bd4eeee7f7215ac42c468f69bdf26338d292a69c8ed704ad

    • SHA512

      ecf76f7cfcdffded6c6a57dec186d05f686752942460e3e9cbad2920a9020467fa00f3af3dd9ee1023b53225500b7dd04ddc094eaa0e5f86f62da60621b78847

    • SSDEEP

      1536:XJMlzXZI8T8Kr8rVkOy0YuHeGbbm6f887GJZVclN:XJMlzXZI8T8xpy0H+Gbbm4gzY

    Score
    10/10
    asyncratdiscordrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks