Overview

overview

10

Static

static

10

real yaku ...st.exe

windows10-1703-x64

10

real yaku ...st.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    real yaku rat btw.rar

  • Size

    24KB

  • MD5

    56d1bb67621c975503c1265de3a81af7

  • SHA1

    c56669b9c7f235a1f27d969d09ecae3cf4d94564

  • SHA256

    3417c00221fdadcbd1d799f17f27866ca67a83fdb4300561bbc59889a75dc4cd

  • SHA512

    046f9b02d9e0f3276066ed15c4d5fdd83b04d5b692ff87c299386ac5c07ce094f0454135ca2c65dc3c3f5a9c6278aff82d170dbe891ede2c973933e0b10531fb

  • SSDEEP

    384:GVZTAVXj6axWFEictjm4KIYaDlcZWcVXNK/Vqej+13yNqa6GC7d4n5ZyXiUebHCK:GQXj6akF0tjm4MSuDWXjgy3C7eyyJiK

Score
10/10
ratdefaultasyncrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808
Mutex

NUxv2StaiLXp

Attributes
  • delay

    3

  • install

    true

  • install_file

    yaku.exe

  • install_folder

    %Temp%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • real yaku rat btw.rar
    .rar
  • real yaku rat btw/aimassist.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections