General

  • Target

    xeogen.exe

  • Size

    106KB

  • Sample

    240119-3h2zgsgag8

  • MD5

    4d9eaad45d22b7cdbb50626e8a6fb2e3

  • SHA1

    1d3f2a45496fa8f9af8e5f4b8aaee4589a391a03

  • SHA256

    3c07b5a37104d1d55bd738ffe4302ba502db925945565eafbf51457914646bab

  • SHA512

    3a8acf5b61c1c71cb280ecaaafdb476080fba54ee280d1ce2391374f6db8c8d97e2829df7a87b122c45b77073c8a2a7d2a112be1f1d2cc9fab0945ad014b7c91

  • SSDEEP

    3072:mtm6sgzbYXUIIDAMD086dAHXhaa8QuPrzY:kNvzboUzBD086QXhaa8QuPv

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

127.0.0.1:8848

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      xeogen.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload
