asyncrat | 27d22777548ab55b34ee75ec9c0d241f1cb138e333250677e5d45abf15268269 | Triage

Sharing

General

Target

2316-58-0x00000000008D0000-0x00000000018D0000-memory.dmp
Size

16.0MB
Sample

240525-2k4enadf77
MD5

e55a858e0006e7f950c152c073d5e487
SHA1

1f593bd181faf91e6b11ab988555a06d109d86a1
SHA256

27d22777548ab55b34ee75ec9c0d241f1cb138e333250677e5d45abf15268269
SHA512

2d1e7dad43177d7540ea69cb3004e034054989c71f2e1582c25c6a2f8287abe6a18b0e10189b323a7c6b2591268d55ef41dc47fde18b971b7fed4939e853c05e
SSDEEP

3072:ppST7JS3xDUKuBg7JBZ3c3nMZPYOoJIvqIeu/i9bdJ2cewTob+Wpa:EJ2dUKFJB5c0XeSi9b7

Score

10^/10

asyncrat stormkitty default

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

https://api.telegram.org/bot6889241853:AAHAa8eUBd5h6tWRG0OvgDx7o1_LKQJi-y8/sendMessage?chat_id=6367688286

Mutex

AsyncMutex_6SI8OkPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Targets

- Target
  
  2316-58-0x00000000008D0000-0x00000000018D0000-memory.dmp
- Size
  
  16.0MB
- MD5
  
  e55a858e0006e7f950c152c073d5e487
- SHA1
  
  1f593bd181faf91e6b11ab988555a06d109d86a1
- SHA256
  
  27d22777548ab55b34ee75ec9c0d241f1cb138e333250677e5d45abf15268269
- SHA512
  
  2d1e7dad43177d7540ea69cb3004e034054989c71f2e1582c25c6a2f8287abe6a18b0e10189b323a7c6b2591268d55ef41dc47fde18b971b7fed4939e853c05e
- SSDEEP
  
  3072:ppST7JS3xDUKuBg7JBZ3c3nMZPYOoJIvqIeu/i9bdJ2cewTob+Wpa:EJ2dUKFJB5c0XeSi9b7
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

defaultstormkittyasyncrat

behavioral1

behavioral2