General

  • Target

    COMPILED.zip

  • Size

    6.9MB

  • Sample

    240531-xy7xsaab3y

  • MD5

    30b1961a9b56972841a3806e716531d7

  • SHA1

    63c6880d936a60fefc43a51715036c93265a4ae5

  • SHA256

    0b29711ec115c27f4cd6963b9ea1e4febf15624f1c17d1c018611ee3df8c333c

  • SHA512

    9449065743226bd15699e710b2bab2a5bb44866f2d9a8bd1b3529b7c53d68e5ecba935e36406d1b69e1fb050f50e3321ef91bc61faac9790f6209fec6f930ed0

  • SSDEEP

    196608:C+MPQJu8YfQFtMAFMQ5RIhFmQ06L29tJW0SCK5u:C+mQ08YfQNMQ5RI7i9LSCAu

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

ylGYGrUJi9Ck

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      COMPILED.zip

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Executes dropped EXE

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry: T1012 (1)

  • System Information Discovery: T1082 (1)
