General

  • Target: Tweaks Manager 10.04.00.exe
  • Size: 240KB
  • MD5: 3c198ddab60d156c434fbd457c26a6d6
  • SHA1: b93317a391a2c20a49c75add676bae85cb9a5ef3
  • SHA256: 0fbb969983d003f2ecb8a1bfd9a909ce6424557f45ac2731fd8a23423b206e6f
  • SHA512: 08523ed4ba245c22417ecb7cdb7afb9043b37973ada568488abb63eed76380e39667d22fc022827f0bb834c29ee9704d9f09bd5bc436aa2e6aa9143619d6be22
  • SSDEEP: 6144:GufTAm3bjeP2aqxusGGNX8Hx6hkj5Yk/:GQneP5qxusGoX0j5t

Score: 10/10

Malware Config

Extracted

  • Family: asyncrat
  • Version: 0.5.8
  • Botnet: Default
  • C2: 127.0.0.1:6606, 127.0.0.1:7707, 127.0.0.1:8808
  • Mutex: lzzb9PVLPZva
  • Attributes
      • delay: 3
      • install: false
      • install_folder: %AppData%
  • aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Tweaks Manager 10.04.00.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744