General

  • Target

    06f75554213802ce8966b2d1e870a25b

  • Size

    47KB

  • MD5

    06f75554213802ce8966b2d1e870a25b

  • SHA1

    a6ea44f2280b3b90696672746e955ea0021d157b

  • SHA256

    322a1de0d4e993c58144bea400a55016d6961a76de613894dda88f5789d9c61a

  • SHA512

    9282d9cc8ae2509b9956d2ebc5c97592bc8412c6afa937aa4f0995f28b4e1481490bf9ea5b213bd4a24c3c3967a7754dd887a53368a87f41faf77f65b7eb7e3b

  • SSDEEP

    768:x6tKW2VIifsg3Ag42MMHthDt2bvvOFdL8BLb21wahG3OY8vLfT1g+xMLlx:x61hgMbCdLMb21wuG+YkLfT1bxMLlx

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

MinecraftSborka

C2

8.tcp.ngrok.io:30397

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    true

  • install_file

    spoolsv.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 06f75554213802ce8966b2d1e870a25b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

