General

  • Target

    be34486af22ed5e49abe005fd8bf1ea2046bfb7f7615275a2b588c3a3f394bbe

  • Size

    1.8MB

  • Sample

    240309-qkxfkagf69

  • MD5

    31234ea6fe41fe911d10c290aa449420

  • SHA1

    af8597ca61ad3ce337d0f2302e0413fcde2c93e3

  • SHA256

    be34486af22ed5e49abe005fd8bf1ea2046bfb7f7615275a2b588c3a3f394bbe

  • SHA512

    80f7265db6c6971460bf5cccd3d7718961bd6e3d9c27f8ca3b6a98fe67bb04cc32e3a40df0a8e9edefd10df3ff813453ea4620402238bc1d29b408136eb47fb4

  • SSDEEP

    49152:RAR6pHImCXi45lSevpEie7zoDb49aXZmMA8OnSPCe:RwI7Wl5Yei1ov49unD8e

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

1.err.line.pm:4449

Mutex

glzznzesxsoyn

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is written in C# and is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
