General

  • Target

    rat.exe

  • Size

    47KB

  • MD5

    781e8da04b571dace6b798853c5b05d8

  • SHA1

    2e946b335e9b7505e1841b5e2782b49f9c427361

  • SHA256

    421666dc3b62bfb2d31e968515c87c909b7b69d7bbea5e28f79d343278e5ee40

  • SHA512

    a2e1bf09cf9bf6daceb9a85fd8e70fa7cdf1a91acc3e9c39e193ddf0730029e1a4a9601943fd6a222abac741b6f4da92dee3ed2bff6e3e80ce3f89953471e92e

  • SSDEEP

    768:R/IO5VILWCyh+DiWtelDSN+iV08YbygeqBIARvEgK/J/ZVc6KN:R/PNWtKDs4zb1XIunkJ/ZVclN

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Sigorta

C2

92.205.184.19:1337

Mutex

SaBenNativez

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • rat.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

