General

  • Target

    1343a927e6778744d23342667ec88efd.bin

  • Size

    70KB

  • Sample

    240620-bg1w9azgkb

  • MD5

    5fd9153c39a3c24984a38ab4cf1e4332

  • SHA1

    82cda16ca5e999baaffdeb3a5c6d297c7c389174

  • SHA256

    b343dc5a1e15055f2dbcfc1d5dac6b0cec984c613d74dc1fb77e218eb174b901

  • SHA512

    e80e397756e41ff6671ff0297d5e39a3a83b4dc422a1cde3c2fda158f528c61520b4f0b0904fa54d7abcf498bc480af515ced7206c548ecc399765351d8bb0f0

  • SSDEEP

    1536:kXPSVRckR+7r26YcFF4wNUjl5GGUAU4M0d03q9k7ZLZyqMC7GxbJ:kX6VGa+766fDnUj3RA0dEq9qZLZy7xt

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:7771

127.0.0.1:39377

doffuovouvvufoz97964d-39377.portmap.host:7771

doffuovouvvufoz97964d-39377.portmap.host:39377

Attributes
  • delay

    1

  • install

    true

  • install_file

    lulz.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      178312f109fe57b02dfb81ca88e3016204480e72a902e7867cb5e160082cf7a5.exe

    • Size

      116KB

    • MD5

      1343a927e6778744d23342667ec88efd

    • SHA1

      aa04a0ede10327949a8d85297df0f73403230b97

    • SHA256

      178312f109fe57b02dfb81ca88e3016204480e72a902e7867cb5e160082cf7a5

    • SHA512

      b956cff941ad3e594b5b5568fbefb4b190caf8fae6c827a0a31460c5d2b26440ddcf03252fa03c78eb4e18ebdfb688422c2d1dcea2100c3f829ec7e0afe9c2ba

    • SSDEEP

      1536:p0VAGN3q2sHYUrRjX1X5obFEVmzraSO/JaMuHq29KjtVB:WaGNa2s7rRD5ebImzrK/Ja/b9WtVB

    Score
    10/10
    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks