Overview

overview

10

Static

static

1

007963bb46...18.ps1

windows7-x64

10

007963bb46...18.ps1

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    007963bb4666bc4964a1b02953a9792b_JaffaCakes118

  • Size

    60KB

  • Sample

    240426-lfzynsde84

  • MD5

    007963bb4666bc4964a1b02953a9792b

  • SHA1

    d8fbe0f102e575c7275d9beabbe7a7cec59128ba

  • SHA256

    1cb3dfa6ba3406bb02f3801db6ad9d8f4cc958a94a1f9045664642b262bad8ac

  • SHA512

    92ae105f8dd09ca80fe10e29c2c3d32c435106a4cf9e87aba01ec4b88a4c3dc06ebf199a2244383eb92c07a3f66a45dc75f8276c5712ef593321fd3d96162034

  • SSDEEP

    1536:TgxwfDXh17SoFw8PI4Y042kbBNRCTFrtIoOEHoR7:JR17SMwUO042ONETpz4

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

192.168.1.5:8080

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_file

    Update.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      007963bb4666bc4964a1b02953a9792b_JaffaCakes118

    • Size

      60KB

    • MD5

      007963bb4666bc4964a1b02953a9792b

    • SHA1

      d8fbe0f102e575c7275d9beabbe7a7cec59128ba

    • SHA256

      1cb3dfa6ba3406bb02f3801db6ad9d8f4cc958a94a1f9045664642b262bad8ac

    • SHA512

      92ae105f8dd09ca80fe10e29c2c3d32c435106a4cf9e87aba01ec4b88a4c3dc06ebf199a2244383eb92c07a3f66a45dc75f8276c5712ef593321fd3d96162034

    • SSDEEP

      1536:TgxwfDXh17SoFw8PI4Y042kbBNRCTFrtIoOEHoR7:JR17SMwUO042ONETpz4

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks