General

  • Target

    e0c75272441cfaa0d0544851bf63905460cd1c799c510242538bb36e988a55aa.zip

  • Size

    76KB

  • Sample

    240419-ske8dsfd96

  • MD5

    365aadc952e9dfe39c2a0ed1ed2455ff

  • SHA1

    90b047e5c89f5d95a8cea8a4429cdb115204d4f2

  • SHA256

    f965cd05f33977ad6ae1df5832766edf0846d4adc976aa0dfe89e7ff80e9b828

  • SHA512

    dceb9081410b911412641e348b0b0d084731e0f1848b44d86a97f8eca713221192ee85af58ba5ddb598bde5211ffa043a5f4a18a8a0e8624646b53f48f006079

  • SSDEEP

    1536:kgPZZMXWvb60+EGwDWr1oZkkJZTaE9bsLp8Vb8+UM+Z0:RAWjWBwj6GE+ChrZ0

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

Default

C2

185.81.157.135:7777

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      e0c75272441cfaa0d0544851bf63905460cd1c799c510242538bb36e988a55aa

    • Size

      260KB

    • MD5

      dde9873dd1d37a271ddd0e4536e02247

    • SHA1

      b362af9bea75c7e774ca992e9e14fff103500c1c

    • SHA256

      e0c75272441cfaa0d0544851bf63905460cd1c799c510242538bb36e988a55aa

    • SHA512

      7e9bc087b1ca0595b85cf767140afc655d354bab4c49308a3f118fce69e6c4f337adecc729bd0138ab639f8a698f1bc3356c8e78a5afec24becc021089a2c5e9

    • SSDEEP

      6144:XpMjwVulPAowmGcAh3ApNZezLPgSHV04nxT:aj2uzsVZ

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Suspicious use of SetThreadContext
