General

  • Target

    MSBuild_exe_PID1db4_MSBuild.exe_B70000_x86-cleaned - Copy.bin

  • Size

    64KB

  • Sample

    231122-ayrjgaab91

  • MD5

    0076928a0a3b0d3b0e79afdee0b5c518

  • SHA1

    8c8e1f8fddfb7027330a63cf6920e46213467393

  • SHA256

    388517eb86d55d3225b12e48207c028fece5eaf29537bbb127ae54cb42a6d2ea

  • SHA512

    2abbbd1af1cead70c5b36763b408c3792132970aebfca3169a032e0ab3d29536f5b3f77b195d6ed90cd5dbbb387253d2ac1b249da78d11e03b8f9b99243fbedc

  • SSDEEP

    1536:gQRHQgEDFVRfZaUITkmYXXsuP5BM1KHGcZrPlTG3x:gvgED9fZapImYXXTP5BMDcZdIx

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

TRACKMONEY

C2

trackmoney.dynuddns.net:5959

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload
