General

  • Target

    Infected.exe

  • Size

    63KB

  • MD5

    6c3626640ac2289adc42ec57adf917e2

  • SHA1

    008584b23cb73dcb8521316e064c8fb1ba1d8a4f

  • SHA256

    972f3d20def29d0a719e463ee0d195d7cfd972cefd47c084df0c00c218c8870f

  • SHA512

    7e83278cb74a146e8013357ec0cde65cb17b5bd70098bce133cdcd341f6e8bbf57571faed6cac0a8322856035c9ee21762f7c304ea0b16bda1fb57aabb568122

  • SSDEEP

    768:RdGnVhwdjndk78TQC8A+XiuazcBRL5JTk1+T4KSBGHmDbD/ph0oXjpepg6SuAdph:mnSdsNdSJYUbdh9ltuAdpqKmY7

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

Kaught-36793.portmap.host:36793

Mutex

勒קJGOK西伊רz德o2ABר2IbD1

Attributes
  • delay

    1

  • install

    true

  • install_file

    Nebula.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Infected.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

