General

  • Target

    LastActivityView.exe

  • Size

    69KB

  • MD5

    0f9957e07c58ab3e2870c0e8bf7d872a

  • SHA1

    1a1d98204c0ed2ac1a693ae4fac0127ffbd61425

  • SHA256

    5b4b7ee3ed81ea6e75c4ee134cce259605ac1afa38229ca6f34e8d5329f33dd6

  • SHA512

    8ca2f8229637c875f5520cfa526508ab055f2d46588e722cf68895e7a208fc90571e38ee29095a9f07b39965f3c9436264f582b22e8ae11bc5bc07bbbada8225

  • SSDEEP

    1536:YcKvgnZY4E/YYUbth9Dru9YhDWakpqKmY7:9tnZY4EQYUbtsavz

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

Attributes
  • delay

    1

  • install

    true

  • install_file

    tck.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/R8gFU5SX

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • LastActivityView.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections