General

  • Target

    update.cmd

  • Size

    48KB

  • Sample

    240313-xv3tnadd4x

  • MD5

    5e0da87496c6454d04148baabc21469d

  • SHA1

    82be7e466e91f4fc62d33d5d560123782244c697

  • SHA256

    d021be3175abbbcc6fdc2e8bc118f40f4969653d6f2a93231c013c9664670231

  • SHA512

    9cc02ad6dc262a32de5e71e3b3c72e6a818e5360503db211c925e9a587c00fb990fbfa23d8adf8a6aa69f5a411dfab8c09a7354af3161d50cd7001ddd8a47df7

  • SSDEEP

    1536:aNwDnqwG8bfHOs2o6A5KXhM3xpZU4Q6fof0YTf:cwrZbfHL5KXmy4QXf0YTf

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

M13

C2

editorials.duckdns.org:5801

Mutex

FMP1pUmaOyhu

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      update.cmd

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Blocklisted process makes network request
