General

  • Target

    fd240aa98faddeb1c59ecbf0caecb1449fb8aca2f187ef28db6729a41e9b03cf

  • Size

    82KB

  • Sample

    231208-h3jcnahg33

  • MD5

    b650d8ff26e23317d9e2e7b634b89be2

  • SHA1

    fdc2f4d5067d1e065e79756f37ba439a0a0a86b1

  • SHA256

    fd240aa98faddeb1c59ecbf0caecb1449fb8aca2f187ef28db6729a41e9b03cf

  • SHA512

    c0a11833921fd3793b426a1ef8d681ce514e51aec1f290f16035823bacb4700c1c9ee46390fb9142a83d6e0dd36586cf17a49066d88c28e706d8a62f98373eeb

  • SSDEEP

    1536:OFVaxnTCdOnFO14Q8YcZUbTbxmtqE587/WlVE2f2L79fbqncY69:OFVahCUFO2YawRmN87/aVEZJqncT

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

441d

C2

88.248.18.120:33918

Mutex

sdf324

Attributes
  • delay

    3

  • install

    false

  • install_file

    da44rks.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      fd240aa98faddeb1c59ecbf0caecb1449fb8aca2f187ef28db6729a41e9b03cf

    Score
    10/10
    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Suspicious use of SetThreadContext
