General

  • Target

    689d3736122823defa550657e98157f7c57646369df7081cbc8efb245d8a0a06.exe

  • Size

    69KB

  • Sample

    240302-fxxlzsbb35

  • MD5

    873d9db7925a4ec75bfecf636d0ef454

  • SHA1

    aa3f6724934db998d963cd18d2b358a62dfcdbbc

  • SHA256

    689d3736122823defa550657e98157f7c57646369df7081cbc8efb245d8a0a06

  • SHA512

    00570e3cab520d34db457b50a4f2be0604baa62e9f95a28d1d7e36127064954199c95ad90d9a49ec3e06db04a1b49c6e3cdeef2ddbc20b7be457edf313e3d616

  • SSDEEP

    1536:2uwRszlg+JOyyJJ9OVnFbI7pTmZmCZseQvDjvaUH57:2uwRWO+JMOVnFbI7QICZRSaUZ7

Score
10/10

Malware Config

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Detects executables packed with Babel

    • Detects executables packed with Dotfuscator

    • Detects executables packed with Goliath

    • Detects executables packed with dotNetProtector

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks