General
-
Target
99c18abc9774f9bc8aae3c9226e0b1b1ba96e188ab454c9bf95ae7d7093b4b57
-
Size
726KB
-
Sample
240524-ehwkpscc3t
-
MD5
dd798a2b8fb0daf3b91fde8a450b873d
-
SHA1
6ae9d6ba1d4a4df1c19f76beb66f1cf067bde143
-
SHA256
99c18abc9774f9bc8aae3c9226e0b1b1ba96e188ab454c9bf95ae7d7093b4b57
-
SHA512
cef0a5895f57f98cd24dcc22d1693b1e8695b479daa35e7b59d03c5b4faa586e8e612db068d7414cd0dd9b5d64fdd48c04d68168d86a17caf12a2f1037f38a60
-
SSDEEP
12288:j0MDDRwl9uWD44DiV8zJBzYqXbbhwnH7BmF2ppVgcAVq0+A0x6y5DP:j9S9X04OVEBzYqXbCH7BmupVgFVq0oxJ
Malware Config
Extracted
asyncrat
110.40.181.85:8848
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
99c18abc9774f9bc8aae3c9226e0b1b1ba96e188ab454c9bf95ae7d7093b4b57
-
Size
726KB
-
MD5
dd798a2b8fb0daf3b91fde8a450b873d
-
SHA1
6ae9d6ba1d4a4df1c19f76beb66f1cf067bde143
-
SHA256
99c18abc9774f9bc8aae3c9226e0b1b1ba96e188ab454c9bf95ae7d7093b4b57
-
SHA512
cef0a5895f57f98cd24dcc22d1693b1e8695b479daa35e7b59d03c5b4faa586e8e612db068d7414cd0dd9b5d64fdd48c04d68168d86a17caf12a2f1037f38a60
-
SSDEEP
12288:j0MDDRwl9uWD44DiV8zJBzYqXbbhwnH7BmF2ppVgcAVq0+A0x6y5DP:j9S9X04OVEBzYqXbCH7BmupVgFVq0oxJ
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Async RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Drops file in System32 directory
-