General

  • Target

    TrashMalwares-main.zip

  • Size

    510.8MB

  • MD5

    0d3e74f066e4219a220ab375363051b0

  • SHA1

    a50ca0ce47378b0b0bd39b8e94b994f8fe7d3021

  • SHA256

    f715c3d3a93c1160c490ce9277c4d2093787f383e15d3e50d034bd9eaf36d536

  • SHA512

    0a61059e89339eaae681c1133f07b75ced1f02ca5248308fc118b617ce21d332d247d85e4f5f1eba21171e7e9e18ecbe5e25369c5c723267d990e4694a9875cc

  • SSDEEP

    12582912:BWNY0ca1YYgY0clm2L5B932bQcLN9kEFGCwHPq5pD/dd:BWNY0cLYgY0clm2972NmLvs

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

4.tcp.eu.ngrok.io:19354

Mutex

a4a592a96ea7c45f9ee4a9c42a1e0f9d

Attributes
  • reg_key

    a4a592a96ea7c45f9ee4a9c42a1e0f9d

  • splitter

    |'|'|

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

127.0.0.1:5552

127.0.0.1:19354

4.tcp.eu.ngrok.io:6606

4.tcp.eu.ngrok.io:7707

4.tcp.eu.ngrok.io:8808

4.tcp.eu.ngrok.io:5552

4.tcp.eu.ngrok.io:19354

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    true

  • install_file

    lolo.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Njrat family
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 35 IoCs

    Checks for missing Authenticode signature.

Files

  • TrashMalwares-main.zip
    .zip
  • TrashMalwares-main/@_136 @828#-138389J-SJFJDSM.exe.zip
    .zip
  • @_136 @828#-138389J-SJFJDSM.exe
    .exe windows:4 windows x64 arch:x64

    0dd503aa01fc0706946ca4e0c9dbd07e



  • TrashMalwares-main/AcidRain.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162



  • TrashMalwares-main/AdStRkJ.7z
    .7z
  • AdStRkJ.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • TrashMalwares-main/Anatralier.zip
    .zip
  • Anatralier.exe
    .exe windows:4 windows x86 arch:x86

    db509f0d296d268770c3b20bf5581bd7



  • TrashMalwares-main/Antivirus_Installer.exe
    .exe windows:4 windows x86 arch:x86

    2c5f2513605e48f2d8ea5440a870cb9e



  • TrashMalwares-main/Busy Real2.0.zip
    .zip
  • Busy Real2.0.exe
    .exe windows:4 windows x86 arch:x86

    2c5f2513605e48f2d8ea5440a870cb9e



  • TrashMalwares-main/Busy.Trojan.zip
    .zip
  • Busy.Trojan.exe
    .exe windows:5 windows x86 arch:x86

    ae9f6a32bb8b03dce37903edbc855ba1



  • TrashMalwares-main/Chimichi.zip
    .zip
  • Chimichi.exe
    .exe windows:6 windows x86 arch:x86

    71429a9d65181cdc0c50b276b196c774



  • README.txt
  • VC-redist-x86.exe
    .exe windows:5 windows x86 arch:x86

    1a5cdbf711fee14b077e599d13fddab2


    Code Sign


  • msvcp140.dll
    .dll windows:6 windows x64 arch:x64

    01c801a34c4715440ef1f25ad689b315


    Code Sign


  • TrashMalwares-main/Cohr.zip
    .zip
  • Cohr.exe
    .exe windows:4 windows x86 arch:x86

    db509f0d296d268770c3b20bf5581bd7



  • TrashMalwares-main/CoreR Trojan.rar
    .rar
  • CoreR Trojan/CoreR.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1



  • CoreR Trojan/Read Me.txt
  • TrashMalwares-main/Database-Malwares/Chloroform.rar
    .rar
  • TrashMalwares-main/Database-Malwares/Coronavirus.rar
    .rar
  • TrashMalwares-main/Database-Malwares/Covid29R.rar
    .rar
  • TrashMalwares-main/Database-Malwares/FIFA2023.rar
    .rar
  • TrashMalwares-main/Database-Malwares/HolmiumBeta.rar
    .rar
  • TrashMalwares-main/Database-Malwares/Malware.rar
    .rar
  • TrashMalwares-main/Database-Malwares/Poranium.rar
    .rar
  • TrashMalwares-main/Database-Malwares/Psychology.rar
    .rar
  • TrashMalwares-main/Database-Malwares/README.md
  • TrashMalwares-main/Database-Malwares/alpha0.01.rar
    .rar
  • TrashMalwares-main/Database-Malwares/cgwkwmbvzo.rar
    .rar
  • TrashMalwares-main/Database-Malwares/salinewin0.1.rar
    .rar
  • TrashMalwares-main/Database-Malwares/teletubisie.rar
    .rar
  • TrashMalwares-main/Discospinsterium.zip
    .zip
  • TrashMalwares-main/DittoDestructive.zip
    .zip
  • TrashMalwares-main/Dro trojan. Virus prank.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1



  • TrashMalwares-main/EternalBlue.zip
    .zip
  • TrashMalwares-main/FaZoN.bat
  • TrashMalwares-main/Fizer.zip
  • TrashMalwares-main/Fizz.exe
    .exe windows:6 windows x86 arch:x86

    7e52fe309a705e2ed904d67aaf34e4ce



  • TrashMalwares-main/Ginxide.exe
    .exe windows:5 windows x86 arch:x86



  • TrashMalwares-main/Guide.zip
    .zip
  • TrashMalwares-main/Hachi.zip
    .zip
  • TrashMalwares-main/Hello (1).zip
    .zip
  • TrashMalwares-main/Hello.zip
    .zip
  • TrashMalwares-main/Holzery.zip
    .zip
  • TrashMalwares-main/HtkLkr.zip
    .zip
  • TrashMalwares-main/Hungadian.zip
    .zip
  • TrashMalwares-main/Hyptonize.zip
    .zip
  • TrashMalwares-main/Install Windows20.exe
    .exe windows:5 windows x86 arch:x86

    b4070734502a100c8f90bbd445995533



  • TrashMalwares-main/Interim.zip
    .zip
  • TrashMalwares-main/LoselconIw.zip
    .zip
  • TrashMalwares-main/Lumitium soruce main.zip
    .zip
  • TrashMalwares-main/Lumitium.zip
    .zip
  • TrashMalwares-main/MS-RickRoll.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • TrashMalwares-main/Made-by-Darik2121-Trash-Malwares-main.zip
    .zip
  • TrashMalwares-main/MercuryXhoffle.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • TrashMalwares-main/MomoxemooDestructive.zip
    .zip
  • TrashMalwares-main/NetPakoe.bat
  • TrashMalwares-main/NetPakoe3.0.exe
    .exe windows:4 windows x64 arch:x64

    167fe7dad034e11847397d501baf6f5e



  • TrashMalwares-main/Netquadium.zip
    .zip
  • TrashMalwares-main/NoEscape8.0.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1



  • TrashMalwares-main/NotSolaris.zip
    .zip
  • TrashMalwares-main/PC shaking v4.0.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1



  • TrashMalwares-main/Phsyletric.exe
    .exe windows:5 windows x86 arch:x86

    cd774ccfc32784a73aec28c6e390bbb6



  • TrashMalwares-main/README.md
  • TrashMalwares-main/RealBSOD.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • TrashMalwares-main/Sankylium.exe
    .exe windows:5 windows x86 arch:x86

    67219f66e5d61666cb86838ad4a0ad18



  • TrashMalwares-main/Screaming Bunny Epic.exe
    .exe windows:4 windows x64 arch:x64



  • TrashMalwares-main/Sofanium.zip
    .zip
  • TrashMalwares-main/Spirit.zip
    .zip
  • TrashMalwares-main/Sumo_Pack.zip
    .zip
  • TrashMalwares-main/SuperWacker.exe
    .exe windows:4 windows x86 arch:x86

    db509f0d296d268770c3b20bf5581bd7



  • TrashMalwares-main/Systan Epic.exe.zip
    .zip
  • TrashMalwares-main/TEMZ.exe
    .exe windows:5 windows x86 arch:x86

    13826908a42758ff942be956bb84af74



  • TrashMalwares-main/ToadetteKill Virus/Read Me before you want make video of this virus.txt
  • TrashMalwares-main/ToadetteKill Virus/ToadetteKill Virus/Install First/mash_full_setup.exe
    .exe windows:1 windows x86 arch:x86



  • TrashMalwares-main/ToadetteKill Virus/ToadetteKill Virus/Then run it/ToadetteKill.z01
  • TrashMalwares-main/ToadetteKill Virus/ToadetteKill Virus/Then run it/ToadetteKill.z02
  • TrashMalwares-main/ToadetteKill Virus/ToadetteKill Virus/Then run it/ToadetteKill.zip
  • TrashMalwares-main/Too.vbs.zip
    .zip
  • TrashMalwares-main/Ukias Download.z01
  • TrashMalwares-main/Ukias Download.z02
  • TrashMalwares-main/Ukias Download.zip
  • TrashMalwares-main/Underwater.zip
    .zip
  • TrashMalwares-main/VbucksGen.zip.zip
    .zip
  • TrashMalwares-main/Xyeta.zip
    .zip
  • TrashMalwares-main/Xylitol.zip
    .zip
  • TrashMalwares-main/Zepa.zip
    .zip
  • TrashMalwares-main/ach.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162



  • TrashMalwares-main/biggerdestruction.zip
    .zip
  • TrashMalwares-main/complex.zip
    .zip
  • TrashMalwares-main/cuppotrium.zip
    .zip
  • TrashMalwares-main/darkness.zip
    .zip
  • TrashMalwares-main/dischowlniw.exe.zip
    .zip
  • TrashMalwares-main/dobrota.zip
    .zip
  • TrashMalwares-main/download link for photentic
  • TrashMalwares-main/dxp (1).zip
    .zip
  • TrashMalwares-main/dxp.zip
    .zip
  • TrashMalwares-main/even0.5.exe
    .exe windows:4 windows x86 arch:x86



  • TrashMalwares-main/fixiki(pass 25).zip
    .zip
  • TrashMalwares-main/fuldfzfhjjog.zip
    .zip
  • TrashMalwares-main/hi2.0.rar
    .rar
  • TrashMalwares-main/inoccoece.zip
    .zip
  • TrashMalwares-main/loh_trojan(pass 25) (1).zip
    .zip
  • TrashMalwares-main/lol.exe.njrat
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • TrashMalwares-main/mhm.exe.asyncrat
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • TrashMalwares-main/newyear_trojan_2022(pass 25).zip
    .zip
  • TrashMalwares-main/nttdsl.zip
    .zip
  • TrashMalwares-main/obrinty 0.6.zip
    .zip
  • TrashMalwares-main/obrinty 0.9.zip
    .zip
  • TrashMalwares-main/pankickSKIDDER-malware-main.zip
    .zip
  • TrashMalwares-main/photenium.rar
    .rar
  • TrashMalwares-main/pidL.zip
    .zip
  • TrashMalwares-main/psychosomatic-builder.exe.fake
    .exe windows:6 windows x64 arch:x64

    3b640ed31052377543c7e988c855dea9



  • TrashMalwares-main/psychosomatic.exe.vir
    .exe windows:6 windows x64 arch:x64

    619649ff871ab12cfe9828bbeec7b40c



  • TrashMalwares-main/sources/AiQuMSwH.cpp
  • TrashMalwares-main/sources/DgfkDPiZ.cpp
  • TrashMalwares-main/sources/r
  • TrashMalwares-main/takinium.zip
    .zip
  • TrashMalwares-main/uqwuDY9B.cpp
  • TrashMalwares-main/winbmpdestructive.zip
    .zip
  • TrashMalwares-main/winnit6.6.6 V10.exe
    .exe windows:5 windows x86 arch:x86

    b4070734502a100c8f90bbd445995533



  • TrashMalwares-main/winnit6.6.6_V6.exe
    .exe windows:5 windows x86 arch:x86

    b4070734502a100c8f90bbd445995533



  • TrashMalwares-main/winvbsdescrutive.rar
    .rar
  • TrashMalwares-main/x.exe
    .exe windows:4 windows x86 arch:x86

    c4b8b0aba9f9c876ca624bdbda64d516



  • TrashMalwares-main/yesisdied complex.zip
    .zip