Overview

overview

10

Static

static

3

fud.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    fud.exe

  • Size

    8.0MB

  • Sample

    231023-a87nfafd49

  • MD5

    341c0be6f1e64a3e197b091dc86d6c91

  • SHA1

    2a79df9ed799e34365f1468ea816ddad68029083

  • SHA256

    e0204696586cc58ed9c2905d5ecaa7abc08a7c053d776c842c110cd71667c004

  • SHA512

    d2236c6bb91f8df074bd865002a9b9f0cb24ccdd058145ae8c543842c0cad54abe2a5d2f4b523840074122b8da5e53385922ec28e6288118e6caeece05583790

  • SSDEEP

    196608:Euuy7J1W903eV4QJItpDjIIAcwD0RPRvvk9QIi:57PW+eGQJg9jo0Kh

Score
10/10
asyncratdefaultpyinstallerrat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

Mutex

德Ζ6YaNUקب1Ι斯NrL勒hlrzHc

Attributes
  • delay

    1

  • install

    true

  • install_file

    Delta.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/qpB6hEFt

aes.plain

Targets

    • Target

      fud.exe

    • Size

      8.0MB

    • MD5

      341c0be6f1e64a3e197b091dc86d6c91

    • SHA1

      2a79df9ed799e34365f1468ea816ddad68029083

    • SHA256

      e0204696586cc58ed9c2905d5ecaa7abc08a7c053d776c842c110cd71667c004

    • SHA512

      d2236c6bb91f8df074bd865002a9b9f0cb24ccdd058145ae8c543842c0cad54abe2a5d2f4b523840074122b8da5e53385922ec28e6288118e6caeece05583790

    • SSDEEP

      196608:Euuy7J1W903eV4QJItpDjIIAcwD0RPRvvk9QIi:57PW+eGQJg9jo0Kh

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks