Overview

overview

10

Static

static

10

msg.exe

windows7-x64

10

msg.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    msg.exe

  • Size

    65KB

  • MD5

    3304872eb5f8f05b6ea7259446b5899c

  • SHA1

    156b02577689b8d3620b666cbd2f5c41d83100d0

  • SHA256

    e22a31fdf71a913964b1f1328e132325f0188b56e5a65c025f0d553e440e2cf2

  • SHA512

    b80026020cb42d53ea8209bbcecace631fc700cdf762005d5b45b1f1757e5c83ac2ffae23ce92f09c167a50b1a7c3c5eede1aad563f57f70ee26a2413ecd7fe2

  • SSDEEP

    1536:32IkI9j9k5beUM7u0BrlOnmGBYIZE8XU6ab6A72AS+b5UmPtb5YS8UJ572r53Rlx:32IkI9j9k1E8XU6ac+b5UmFb5YSbadfx

Score
10/10
ratdefaultasyncrat

Malware Config

Extracted

Family

asyncrat

Version

Xchallenger | 3Losh

Botnet

Default

C2

mochas.in-the-band.net:6606

mochas.in-the-band.net:7707

mochas.in-the-band.net:8808
Mutex

AsyncMutex_alosh

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • msg.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections