General

  • Target

    53677ec9a71a72447531c8e81956df068800b738dae73ed46d700e01bea58745

  • Size

    52KB

  • MD5

    c3f34df135ab3ba4b0c8408a3fe041f8

  • SHA1

    a26cc4fc291830ce9f4b5726fb196a3893c38dcb

  • SHA256

    53677ec9a71a72447531c8e81956df068800b738dae73ed46d700e01bea58745

  • SHA512

    2a6cb888d4bc6e5a234b2692f80d0389739f2c4994e2a5e705ca9ab57ee9e05292b4d9fa7a29309ca2859cfe8b596fb0720d42505050615206b1e048bb81a9a1

  • SSDEEP

    1536:ouUDVT0d5262POAgB8CRbHUdlaacfKodd5N:ouUBT0d527OAgBZbHUaacDN

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

91.92.241.69:5555

Mutex

WZl6sjIAcmXI

Attributes
  • delay

    3

  • install

    true

  • install_file

    AMD Update Manager.exe

  • install_folder

    %AppData%

aes.plain
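
The C2, mutex and install path above are enough to hunt with. What follows is an added example, not part of the sandbox report: it copies those config values into a Python script that expands them into indicators and runs them over a few Sysmon-style log lines that are constructed here for the demo. It assumes %AppData% resolves to the default <profile>\AppData\Roaming, and it decrypts nothing, since the aes.plain field on this page is blank; the values are used exactly as the sandbox extracted them.

```python
"""
Turns the AsyncRAT config extracted above into hunt indicators and runs them
over a few constructed Sysmon-style log lines. Added example; not part of the
sandbox report. The config values are copied from the report; the log lines
are fabricated for illustration. The report's aes.plain field is blank, so
nothing here decrypts the Settings blob.
"""
import re
from dataclasses import dataclass

# Copied from the "Malware Config" section of the report.
CONFIG = {
    "family": "asyncrat",
    "version": "0.5.8",
    "c2": "91.92.241.69:5555",
    "mutex": "WZl6sjIAcmXI",
    "install_folder": "%AppData%",
    "install_file": "AMD Update Manager.exe",
}

# Assumption: %AppData% resolves to <profile>\AppData\Roaming (the Windows default).
APPDATA_SUFFIX = "\\AppData\\Roaming"


@dataclass(frozen=True)
class Indicator:
    kind: str   # "c2", "mutex" or "install_path"
    value: str
    note: str


def build_indicators(cfg: dict) -> list[Indicator]:
    """Expand the config fields into concrete things to look for."""
    install_path = cfg["install_folder"].replace("%AppData%", APPDATA_SUFFIX) + "\\" + cfg["install_file"]
    return [
        Indicator("c2", cfg["c2"], "C2 host:port; a point-in-time value, operators rotate them"),
        Indicator("mutex", cfg["mutex"], "instance mutex; needs handle enumeration, Sysmon does not log it"),
        Indicator("install_path", install_path, "persistence copy, matched as a case-insensitive path suffix"),
    ]


# Sysmon-style key=value lines. Values may contain spaces ("AMD Update Manager.exe"),
# so split on "key=" boundaries instead of on whitespace.
KV_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


def parse_line(line: str) -> dict:
    return dict(KV_RE.findall(line))


def match_line(line: str, indicators: list[Indicator]) -> list[tuple[str, str]]:
    """Return (indicator kind, matched value) pairs for one log line."""
    ev = parse_line(line)
    hits = []
    for ind in indicators:
        if ind.kind == "c2":
            host, port = ind.value.rsplit(":", 1)
            if ev.get("DestinationIp") == host and ev.get("DestinationPort") == port:
                hits.append((ind.kind, ind.value))
        elif ind.kind == "install_path":
            for field in ("Image", "TargetFilename"):
                path = ev.get(field, "")
                if path.lower().endswith(ind.value.lower()):
                    hits.append((ind.kind, path))
                    break
    return hits


def hunt(lines: list[str], cfg: dict = CONFIG) -> list[tuple[int, list[tuple[str, str]]]]:
    """Run all indicators over the lines; return (line index, hits) for lines that hit."""
    indicators = build_indicators(cfg)
    results = []
    for i, line in enumerate(lines):
        hits = match_line(line, indicators)
        if hits:
            results.append((i, hits))
    return results


# Constructed telemetry for the demo (EventID 1 = process create, 3 = network
# connect, 11 = file create). Not taken from the report.
SAMPLE_LOGS = [
    "EventID=1 Image=C:\\Users\\bob\\AppData\\Roaming\\AMD Update Manager.exe ParentImage=C:\\Windows\\explorer.exe",
    "EventID=3 Image=C:\\Users\\bob\\AppData\\Roaming\\AMD Update Manager.exe DestinationIp=91.92.241.69 DestinationPort=5555",
    "EventID=11 Image=C:\\Users\\bob\\Downloads\\invoice.exe TargetFilename=C:\\Users\\bob\\AppData\\Roaming\\AMD Update Manager.exe",
    "EventID=3 Image=C:\\Program Files\\Mozilla Firefox\\firefox.exe DestinationIp=93.184.216.34 DestinationPort=443",
    "EventID=1 Image=C:\\Windows\\System32\\svchost.exe ParentImage=C:\\Windows\\System32\\services.exe",
]

if __name__ == "__main__":
    for idx, hits in hunt(SAMPLE_LOGS):
        print(f"line {idx}: {hits}")
```

The mutex is carried as an indicator but not matched against the logs: Sysmon records no mutex creation, so it has to be checked by enumerating handles on a live host. Treat the C2 address as valid for this sample at the time of analysis only; the install path and mutex tend to outlive any single IP.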

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
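
The Unsigned PE signature is a header check: is there an entry in the PE security data directory (index 4)? The following is an added example, not code from the report or the sandbox, that reproduces the check with plain struct parsing and exercises it on two PE32 header skeletons constructed inside the script, one with a security directory entry and one without. The certificate bytes in the "signed" variant are a placeholder, and presence of the blob says nothing about whether the signature verifies.

```python
"""
Header-level check behind the "Unsigned PE" signature: does the file carry an
Authenticode blob at all? Added example, not from the report; it parses only
the headers it needs (no pefile dependency). For an offline run it builds two
constructed PE32 header skeletons, one with a security directory entry and one
without. Presence is not validity: a present blob still has to be verified
with WinVerifyTrust, signtool or osslsigncode.
"""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B


def authenticode_directory(data: bytes) -> dict:
    """Locate the security data directory; raise ValueError if the headers are not a PE."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]   # SizeOfOptionalHeader
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        n_dirs_off, dirs_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        n_dirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    n_dirs = struct.unpack_from("<I", data, n_dirs_off)[0]     # NumberOfRvaAndSizes
    entry = dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if n_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_opt:
        return {"present": False, "offset": 0, "size": 0}
    # For this directory the first field is a raw file offset, not an RVA.
    off, size = struct.unpack_from("<II", data, entry)
    present = off != 0 and size >= 8 and off + size <= len(data)
    result = {"present": present, "offset": off, "size": size}
    if present:
        length, revision, cert_type = struct.unpack_from("<IHH", data, off)  # WIN_CERTIFICATE header
        result.update(length=length, revision=revision, cert_type=cert_type)
    return result


def is_unsigned(data: bytes) -> bool:
    return not authenticode_directory(data)["present"]


def build_minimal_pe(with_cert: bool) -> bytes:
    """Constructed PE32 headers for the demo only; not a loadable image."""
    opt_size = 224                                   # PE32 optional header with 16 directories
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))      # e_lfanew right after the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)              # NumberOfRvaAndSizes
    header_len = len(dos) + 4 + len(coff) + opt_size
    cert = b""
    if with_cert:
        # WIN_CERTIFICATE: dwLength, wRevision 0x0200, wCertificateType 0x0002 (PKCS#7),
        # then the blob. The DER bytes below are a placeholder, not a real signature.
        body = b"\x30\x03\x02\x01\x00"
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, 0x0002) + body
        cert += b"\0" * (-len(cert) % 8)             # table entries are 8-byte aligned
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, header_len, len(cert))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + cert


if __name__ == "__main__":
    for flag in (False, True):
        sample = build_minimal_pe(flag)
        print("unsigned" if is_unsigned(sample) else "has Authenticode blob",
              authenticode_directory(sample))
```

On a real sample, read the file and pass its bytes to is_unsigned(); a True result is what this sandbox signature reports. A False result only means a blob is attached, and a mismatched or revoked certificate still needs a proper verifier.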

Files

  • 53677ec9a71a72447531c8e81956df068800b738dae73ed46d700e01bea58745
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
