General

  • Target

    d052b08d0ed61a6414f32abf496c6c87

  • Size

    47KB

  • MD5

    d052b08d0ed61a6414f32abf496c6c87

  • SHA1

    a0e3763b3ad4febd544ebe0a42b1a8b5fac2ad70

  • SHA256

    562dc408fc4ed50a66e93e385ede6d1dc9c01ec024a7f6b5c079417e77bea66a

  • SHA512

    edfc36199a24d7b9390dcfb90485ff1f38c666d3b5bd02aad5851f9151a78551bde5601a166baec8a4fbf30311d9b524c8c02164159ecf69807556cfc38c3aef

  • SSDEEP

    768:quivNTdFHLBWUZiGrmo2qrKOFVyjKvyPIRH2WsEnRnR0bnhFT1gZRN5+ZAiFrSRn:quivNTdBR26cKDRH2WsERnGbnWZRL+Z4

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

spongethug.ddns.net:443

86.153.66.129:443

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    true

  • install_file

    Windows.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d052b08d0ed61a6414f32abf496c6c87
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

