General

  • Target

    0x000b00000001da69-3275.dat

  • Size

    63KB

  • Sample

    240121-mvd57abdej

  • MD5

    ec01de3e50709ac8870a5877747fd228

  • SHA1

    7a9eab4827629a1bfb6d5fc2e5f0cf99c57b5207

  • SHA256

    6fe0221d6c0841b60388fd6477a0a7b352257c1ffcdf913fde09fe441580fd14

  • SHA512

    4d2808f89aac2d9ff022035cdfe0a248bc998ad83ba09734ea7f5d1a1eafe7fd319c29f2d6bbb4cbc9e34849d333db9853a2d54bfea0522d646a30f0c8a07c0a

  • SSDEEP

    768:atoQVuOPx178nkC8A+XIN2Fw06+Y9lz1+T4ISBGHmDbDuFph0ohkj/1CzynHlSue:6VxXf65fYUbajhLk7eyn0uAdpqKmY7F

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

91.92.241.54:4782

Mutex

my3GΕuPuz比kPhN9Y比

Attributes
  • delay

    1

  • install

    true

  • install_file

    mservice.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      0x000b00000001da69-3275.dat

    • Size

      63KB

    • MD5

      ec01de3e50709ac8870a5877747fd228

    • SHA1

      7a9eab4827629a1bfb6d5fc2e5f0cf99c57b5207

    • SHA256

      6fe0221d6c0841b60388fd6477a0a7b352257c1ffcdf913fde09fe441580fd14

    • SHA512

      4d2808f89aac2d9ff022035cdfe0a248bc998ad83ba09734ea7f5d1a1eafe7fd319c29f2d6bbb4cbc9e34849d333db9853a2d54bfea0522d646a30f0c8a07c0a

    • SSDEEP

      768:atoQVuOPx178nkC8A+XIN2Fw06+Y9lz1+T4ISBGHmDbDuFph0ohkj/1CzynHlSue:6VxXf65fYUbajhLk7eyn0uAdpqKmY7F

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

    • Async RAT payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks