Overview

overview

10

Static

static

10

Lp. Пос...т.exe

windows10-1703-x64

10

Lp. Пос...т.exe

windows7-x64

10

Lp. Пос...т.exe

windows10-2004-x64

10

Lp. Пос...т.exe

windows11-21h2-x64

10

Resubmissions

11/06/2024, 10:58

240611-m25xgsvdrn 10

11/06/2024, 10:50

240611-mxn36svcnp 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Lp. Последняя Реальность #47 ЖИВОЙ РОБОТ [Функционал] • Майнкрафт.mp4

  • Size

    45KB

  • MD5

    9909be471265289604c9ef722a40bdeb

  • SHA1

    7c72d43e6e30ac57f842f3a4ddce6e8bfb5a7a5a

  • SHA256

    dc0acd59327d5da9a49599131e53a2e67b5347059d76ff97eeebc77901feca6b

  • SHA512

    50fc462094b037a3b58d87c1f3c217894863f4acd9b682e18f6331615837d4a7320e9986540775e090e690ee803f6a1686b7249aee4df079cc76bf4fe30f4eb8

  • SSDEEP

    768:suwaNToEjaNLWU3+KZmo2q7OcxMxvzy6PIbzjbzgX3iZ64miWfROFpABDZ3x:suwaNToqad2TcqwDb3bsXS5jWfRO3WdB

Score
10/10
ratdefaultasyncrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

7.tcp.eu.ngrok.io:7474

7.tcp.eu.ngrok.io:15335
Mutex

5cw0s9Y4RiZl

Attributes
  • delay

    3

  • install

    false

  • install_file

    anything.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Lp. Последняя Реальность #47 ЖИВОЙ РОБОТ [Функционал] • Майнкрафт.mp4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections