Overview

overview

10

Static

static

10

2220-4926-...ry.exe

windows7-x64

2220-4926-...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2220-4926-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • Sample

    240425-g8xlssge46

  • MD5

    7d215bd85232f412fba8dcede1bb8092

  • SHA1

    e2ba791b288cdc75324c54ea6da3ccde4eabac12

  • SHA256

    cb96149b8f6d5d713fb05e2972a3153c471f37f1aa28f614a999c90dd71ccc3a

  • SHA512

    eb621398622f554ef25ac46ea767a49a08756323a26385bb1d4a93fa28cc420e5641e53b1edcdf06f8e26caccf95f62a009c4302e8a969327d50dc6c332ac576

  • SSDEEP

    1536:QuPfZTgKa2BKTkDy3bCXSAcuJYERpwLdqx:QuPBTgKa2BskDy3bCZcuJjRiLox

Score
10/10
asyncratdefault

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

tomx.brasilia.me:6606

tomx.brasilia.me:7707

tomx.brasilia.me:8808

91.92.253.249:6606

91.92.253.249:7707

91.92.253.249:8808
Mutex

vWKJAJDsDf09

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      2220-4926-0x0000000000400000-0x0000000000412000-memory.dmp

    • Size

      72KB

    • MD5

      7d215bd85232f412fba8dcede1bb8092

    • SHA1

      e2ba791b288cdc75324c54ea6da3ccde4eabac12

    • SHA256

      cb96149b8f6d5d713fb05e2972a3153c471f37f1aa28f614a999c90dd71ccc3a

    • SHA512

      eb621398622f554ef25ac46ea767a49a08756323a26385bb1d4a93fa28cc420e5641e53b1edcdf06f8e26caccf95f62a009c4302e8a969327d50dc6c332ac576

    • SSDEEP

      1536:QuPfZTgKa2BKTkDy3bCXSAcuJYERpwLdqx:QuPBTgKa2BskDy3bCZcuJjRiLox

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks