General

  • Target

    Infected.exe

  • Size

    63KB

  • MD5

    784a8fee519682b6ef7e7fc800264768

  • SHA1

    0291860aa1c5d0aab1de8b6a40680261d9e3d6f6

  • SHA256

    26c9a3ecc40cb636508d32db93b203007ba9892f40d79d608ab773862937e358

  • SHA512

    cb073a85df9b48c6bcfe620bd4b6eb462aea6f97747ad9c78e92e1266b54776eb9afc62de8ba461115573d522b4c856db53d1806dcfafa1f87fe1ce53bd3776d

  • SSDEEP

    768:VFVsjkUAON78iHC8A+XuqazcBRL5JTk1+T4KSBGHmDbD/ph0oXcOFe7S3DHeSuDV:VwAOJ9dSJYUbdh9nFFHpuDdpqKmY7

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

central-aberdeen.gl.at.ply.gg:8000

central-aberdeen.gl.at.ply.gg:10404

147.185.221.20:8000

147.185.221.20:10404

72.216.117.218:8000

72.216.117.218:10404

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Infected.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

