General

  • Target

    a13c1ec24d6b087a6ac188b0fd254178.exe

  • Size

    204KB

  • Sample

    240601-e8s79sab4x

  • MD5

    a13c1ec24d6b087a6ac188b0fd254178

  • SHA1

    fbe22171427327ec23240f5bc9896854110f360a

  • SHA256

    7b7f9647dbc512c0f9857332b181991b1e8f6b1ab0634f31d8612ee483d2933f

  • SHA512

    1ab541db748b8817e069d1ff73037e606f2913a57078e2080d60a1fbdb108d7d5b7698b10304ea271a48493432b20a14ac464fa584c0fa6bea27d7c78369acf5

  • SSDEEP

    6144:xwNoDdeAXRBEKws40lwQv/Xs/Vs7TCh5j:xwNgdXeslzXs/Vs7Oh

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

192.168.1.2:1800

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      a13c1ec24d6b087a6ac188b0fd254178.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks