General

  • Target

    7c0b741217fc5370ad84fd2ec137a811

  • Size

    183KB

  • Sample

    240128-d55w8aadf7

  • MD5

    7c0b741217fc5370ad84fd2ec137a811

  • SHA1

    8102f8e7ff006515421abebc61b58348d8191283

  • SHA256

    486b4fcc5a6e4f4e949aa11aa3f2e9d8d2075ac8445617af8c41ab214f6dbfa0

  • SHA512

    625056d10ca349fd664a34a97092d52424dd4e026e1b8b9a1650c8017a8d22d0390e5904c2ec72301f1a4a68b7cb928c9bca2820b20a378e018bb4a14bbd10a8

  • SSDEEP

    3072:hVAAAonanPKMhvdFNe2iu9Fbh6tpTnjPwumRE6Q14vmOw38a9Mm:hVDn4PKMFdHdDbopn9OQ1qoYm

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Golden Eye 4.8.1

Botnet

Default

C2

23.105.131.217:83

Mutex

Golden-EyeMutex_Golden RAT

Attributes
  • delay

    1

  • install

    false

  • install_file

    SLIP.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      7c0b741217fc5370ad84fd2ec137a811

    • Size

      183KB

    • MD5

      7c0b741217fc5370ad84fd2ec137a811

    • SHA1

      8102f8e7ff006515421abebc61b58348d8191283

    • SHA256

      486b4fcc5a6e4f4e949aa11aa3f2e9d8d2075ac8445617af8c41ab214f6dbfa0

    • SHA512

      625056d10ca349fd664a34a97092d52424dd4e026e1b8b9a1650c8017a8d22d0390e5904c2ec72301f1a4a68b7cb928c9bca2820b20a378e018bb4a14bbd10a8

    • SSDEEP

      3072:hVAAAonanPKMhvdFNe2iu9Fbh6tpTnjPwumRE6Q14vmOw38a9Mm:hVDn4PKMFdHdDbopn9OQ1qoYm

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

    • Async RAT payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks