Overview

overview

10

Static

static

10

Infected.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Infected.exe

  • Size

    9.0MB

  • MD5

    add49a4fbe84b5e5925c278f50d212a5

  • SHA1

    194c8f74726c7c80cd2dbc5b1971d61bb0b5d079

  • SHA256

    b66c361415efd36f60551d8947123ea937b6adc29accc299fd2e98db143202e4

  • SHA512

    c1121c07cd7bc1b4a20e8e0c85a4f84d8bc4a0a69f44b595340f9e8fa2fcc69a5cdb358306462bd78afe77fa544d8b01420afe2968de5b26e0ca2f937063a913

  • SSDEEP

    1536:DY+Q+tdSJYUbdh9gBtdluXpCQ5ppqKmY7:DrtYYUbdwtI5yz

Score
10/10
ratdefaultasyncrat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:909

127.0.0.1:9090

127.0.0.1:4545

127.0.0.1:3232

192.168.2.40:909

192.168.2.40:9090

192.168.2.40:4545

192.168.2.40:3232

127.0.0.1:3232:909

127.0.0.1:3232:9090

127.0.0.1:3232:4545

127.0.0.1:3232:3232
Mutex

i4fXWD贼8勒oרD吾ikVd勒h4Pgg

Attributes
  • delay

    1

  • install

    true

  • install_file

    WinChecker.exe

  • install_folder

    %Temp%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Infected.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections