General

  • Target

    regasms.exe

  • Size

    63KB

  • Sample

    240525-q6g8rseg3v

  • MD5

    9cded6e0c0b625370bb17884b7611955

  • SHA1

    d55f1c17b783b372af8c8e2207386e4f3f886cd5

  • SHA256

    7cea3459fe006e787947d8eedc2770285061bc5e9a0ca0ffc7213a96756341fb

  • SHA512

    e83a3c4c8e0097f2ed20f8bff4526be646a2b3f574fc6f2876ce581208ccc0576124110cb4b4a5025a3ab1486c6d5a8e18ffe81cd8bc42c8792d54b7088639ab

  • SSDEEP

    1536:62wukvF1ak9gcKu5UYFQL2SNy5b/XPrdBHHCrmTGxx:62dkvF1ak9Ku5UYFSjy5b/Dd8EKx

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

LNKK

C2

leetboy.dynuddns.net:1338

Mutex

AsyncMutex_6h2caasdas2133sOkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      regasms.exe

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
