Resubmissions

01/11/2023, 00:28

231101-asvnyaga7z 10

01/11/2023, 00:28

231101-asdenaga7t 10

General

  • Target

    newmain.exe

  • Size

    64KB

  • MD5

    b35e62fd3834abbb204d4ce8701f6613

  • SHA1

    c23d22492b7e8361465ee510a4f63f804a028420

  • SHA256

    102d00fe4f07f359581d4700dea0e7dd646b479e9f7152873a12395816858d28

  • SHA512

    b920bf2355e35b12a783b6113d9cda782ce8d86f5d20b5e53a3e2187dd74d81073936902180d1e3e5334f32a6236dd2bdab18cee8e5fc6567a62b43aa3a5f4fb

  • SSDEEP

    1536:m+4/ZHGntdde3aYUbChatnkuNQpqKmY7:mXdGntaqYUbCsLz

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:1192

127.0.0.1:30646

frostycheats-30646.portmap.host:1192

frostycheats-30646.portmap.host:30646

Mutex

艾2尺0d比Bj艾J尺贼艾tקTC

Attributes
  • delay

    25

  • install

    true

  • install_file

    Update.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • newmain.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

