General

  • Target

    ac36dbf1479ca89c6cc3571ba9e22bcae360efbe29f49cadb67a7b6e5f619467

  • Size

    2.4MB

  • Sample

    240523-b6sl6shd35

  • MD5

    d903ea257e435a91c9000068238f2a73

  • SHA1

    10e9a319ef98cb760ac27316fea7df85a26bcb89

  • SHA256

    ac36dbf1479ca89c6cc3571ba9e22bcae360efbe29f49cadb67a7b6e5f619467

  • SHA512

    cfb0a6bde33d2164d8aab463aa5a5b82de4a5adea7b4d96ca4b8383dc57b3fb3680257c8928a7148b3bfc84e56d03163978b38a56ab53e33227f133b20f185c2

  • SSDEEP

    49152:1ELN3uyprLJAeK7+TBLQEOJ4ieQ1YjJ+wJL6czK4EMdO2GnVQw+e489:1S3z3GtaBLPVQijERce4Eyfw+ed

Score
10/10

Malware Config

Extracted

Family

asyncrat

C2

114.130.36.120:6666

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Detects executables attempting to enumerate video devices using WMI

    • Detects executables containing the string DcRatBy

    • Suspicious use of NtSetInformationThreadHideFromDebugger
