Overview

overview

10

Static

static

3

4b33702216...04.exe

windows7-x64

10

4b33702216...04.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b33702216949b8afe8794ecfc2cf504

  • Size

    4.2MB

  • Sample

    240108-mlgjysgabj

  • MD5

    4b33702216949b8afe8794ecfc2cf504

  • SHA1

    76e060bc70507789bb7dd9e3f68ee9f6a8e6718c

  • SHA256

    11004be319514e886ed27a41905e3ef648c307c09219c77917986cf5b5a7665b

  • SHA512

    7cc2ac87c0e5fc0eccfe06ed302da4c42cdbd392f3f2ed8ab53137a82745632906e5adb3fd6fbee4389b6df1bfb9a4b0850e6722331e800bd14df925b9cca5d9

  • SSDEEP

    98304:X14Wq9ua3mHJJPF9d2SxuvtjWQXoB7RDcQ22ZRsFJITw8n7g:l4Wq9uAmfwSxuFjJ4txdRsFOy

Score
10/10
asyncratevasionpersistencerat

Malware Config

Targets

    • Target

      4b33702216949b8afe8794ecfc2cf504

    • Size

      4.2MB

    • MD5

      4b33702216949b8afe8794ecfc2cf504

    • SHA1

      76e060bc70507789bb7dd9e3f68ee9f6a8e6718c

    • SHA256

      11004be319514e886ed27a41905e3ef648c307c09219c77917986cf5b5a7665b

    • SHA512

      7cc2ac87c0e5fc0eccfe06ed302da4c42cdbd392f3f2ed8ab53137a82745632906e5adb3fd6fbee4389b6df1bfb9a4b0850e6722331e800bd14df925b9cca5d9

    • SSDEEP

      98304:X14Wq9ua3mHJJPF9d2SxuvtjWQXoB7RDcQ22ZRsFJITw8n7g:l4Wq9uAmfwSxuFjJ4txdRsFOy

    Score
    10/10
    asyncratevasionpersistencerat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks