General

  • Target

    regasms.exe

  • Size

    63KB

  • MD5

    9cded6e0c0b625370bb17884b7611955

  • SHA1

    d55f1c17b783b372af8c8e2207386e4f3f886cd5

  • SHA256

    7cea3459fe006e787947d8eedc2770285061bc5e9a0ca0ffc7213a96756341fb

  • SHA512

    e83a3c4c8e0097f2ed20f8bff4526be646a2b3f574fc6f2876ce581208ccc0576124110cb4b4a5025a3ab1486c6d5a8e18ffe81cd8bc42c8792d54b7088639ab

  • SSDEEP

    1536:62wukvF1ak9gcKu5UYFQL2SNy5b/XPrdBHHCrmTGxx:62dkvF1ak9Ku5UYFSjy5b/Dd8EKx

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

LNKK

C2

leetboy.dynuddns.net:1338

Mutex

AsyncMutex_6h2caasdas2133sOkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • regasms.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections