Resubmissions

21/06/2024, 16:10

240621-tmd9jsxcpa 10

20/06/2024, 17:33

240620-v4xynatdlk 10

General

  • Target

    17818621902.zip

  • Size

    154.3MB

  • MD5

    49f0959b7aa2902f44683418f5433eed

  • SHA1

    f8d205a8d0a9935978898720492a06014d41e769

  • SHA256

    37e81d688e24a19528b99638b895f3cd94989f11bbd39d9561dec84ae43c8119

  • SHA512

    6b84b27075c9403e756924aee02a2f32428de12307d0219bc42a3645e8de31e4e7f3e1cfa7f00972fb1103b7dc866d21293d21afe27ff1b9d61a09afb6ff703f

  • SSDEEP

    3145728:cDuHBPz/sUTFepxjpuKxGauVCaIYdan2YzBso2rFTlZ37GJC7ltQjZ:CUTOxjcKkauVxdaLBleFRZQCIjZ

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

107.175.202.158:6606

107.175.202.158:30814

107.175.202.158:25565

107.175.202.158:443

Mutex

anQK5EUHL5vU

Attributes

  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain
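The extracted configuration above is the part of the report most directly usable for detection: AsyncRAT's C2 is a plain TCP connection to one of the configured host:port pairs, and the mutex is created on the victim so a second copy does not start. The following added example (written for this page, not code from the sandbox or from the sample) turns those values into matching rules and runs them over a few constructed telemetry lines. The lines use a simplified key=value rendering of Sysmon events; EventID 3 is Sysmon's network-connect event, while the EventID 9001 mutex record is hypothetical, since stock Sysmon does not log mutex creation. An exact ip:port hit is treated as higher confidence than a hit on the host alone, because 443 and 25565 also carry ordinary traffic.

```python
import re
from typing import Optional

# Indicators taken from the extracted AsyncRAT configuration in the report.
C2_ENDPOINTS = {
    ("107.175.202.158", 6606),
    ("107.175.202.158", 30814),
    ("107.175.202.158", 25565),
    ("107.175.202.158", 443),
}
C2_HOSTS = {ip for ip, _ in C2_ENDPOINTS}
MUTEX = "anQK5EUHL5vU"

# Constructed sample telemetry (not taken from the report). EventID 3 mirrors
# Sysmon's network-connect event; EventID 9001 is a hypothetical mutex record.
SAMPLE_EVENTS = r"""
EventID=3 Image=C:\Users\victim\AppData\Roaming\svchost.exe DestinationIp=107.175.202.158 DestinationPort=6606 Protocol=tcp
EventID=3 Image=C:\Program Files\Mozilla Firefox\firefox.exe DestinationIp=142.250.72.14 DestinationPort=443 Protocol=tcp
EventID=3 Image=C:\Users\victim\AppData\Roaming\svchost.exe DestinationIp=107.175.202.158 DestinationPort=443 Protocol=tcp
EventID=3 Image=C:\Windows\System32\svchost.exe DestinationIp=107.175.202.158 DestinationPort=80 Protocol=tcp
EventID=9001 Image=C:\Users\victim\AppData\Roaming\svchost.exe ObjectType=Mutant ObjectName=\Sessions\1\BaseNamedObjects\anQK5EUHL5vU
""".strip().splitlines()

# key=value pairs; a value runs until the next " key=" so paths with spaces survive.
_KV = re.compile(r"(\w+)=(.*?)(?= \w+=|$)")


def parse_event(line: str) -> dict:
    """Split one key=value line into a dict."""
    return dict(_KV.findall(line))


def match_event(event: dict) -> Optional[str]:
    """Return the name of the rule the event matches, or None."""
    if event.get("EventID") == "3":
        ip = event.get("DestinationIp")
        try:
            port = int(event.get("DestinationPort", ""))
        except ValueError:
            return None
        if (ip, port) in C2_ENDPOINTS:
            return "asyncrat_c2_endpoint"   # exact pair from the config: high confidence
        if ip in C2_HOSTS:
            return "asyncrat_c2_host"       # host only, port not in config: lower confidence
        return None
    if event.get("ObjectType") == "Mutant":
        # Compare only the final path component; the session prefix varies per logon.
        if event.get("ObjectName", "").rsplit("\\", 1)[-1] == MUTEX:
            return "asyncrat_mutex"
    return None


def scan(lines) -> list:
    """Return (1-based line number, rule name) for every matching line."""
    hits = []
    for n, line in enumerate(lines, 1):
        rule = match_event(parse_event(line))
        if rule:
            hits.append((n, rule))
    return hits


if __name__ == "__main__":
    for n, rule in scan(SAMPLE_EVENTS):
        print(f"line {n}: {rule}")
```

Lines 1 and 3 match on the exact endpoint, line 4 only on the host (the report lists no port 80), and line 5 on the mutex name; the Firefox connection on line 2 is left alone. The config also says install=false, so the sandbox run did not see the payload copy itself into %AppData%; persistence indicators from a different submission may differ.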

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Detect Pysilon (1 IoC)
  • Pysilon family
  • Detects Pyinstaller (3 IoCs)
  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.
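Two of the signatures above are static checks a practitioner can reproduce without a sandbox: "Detects Pyinstaller" looks for the CArchive cookie the PyInstaller bootloader writes into the overlay, and "Unsigned PE" looks at whether the PE's security data directory points at a certificate table. The following added example (written for this page, not the sandbox's own detection code) implements both over raw bytes. Because the report's samples are not reproduced here, it builds constructed header-only PE images to exercise the checks; `build_minimal_pe` is test scaffolding, not a loadable executable.

```python
import struct

# CArchive cookie magic written by the PyInstaller bootloader.
PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
# Index of IMAGE_DIRECTORY_ENTRY_SECURITY among the optional header's data directories.
SECURITY_DIR_INDEX = 4


def _pe_offsets(data: bytes):
    """Return (coff_header_offset, optional_header_offset, is_pe32plus)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = pe_off + 4 + 20                      # after "PE\0\0" and the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    return pe_off + 4, opt, magic == 0x20B


def pe_arch(data: bytes) -> str:
    coff, _, _ = _pe_offsets(data)
    machine = struct.unpack_from("<H", data, coff)[0]
    return {0x14C: "x86", 0x8664: "x64"}.get(machine, f"machine:{machine:#x}")


def has_authenticode_signature(data: bytes) -> bool:
    """True if a certificate table is present. Presence only, which is all the
    sandbox's 'Unsigned PE' signature tests; it does not validate the chain."""
    _, opt, plus = _pe_offsets(data)
    count_off = opt + (108 if plus else 92)    # NumberOfRvaAndSizes
    dirs_off = opt + (112 if plus else 96)     # first IMAGE_DATA_DIRECTORY
    if struct.unpack_from("<I", data, count_off)[0] <= SECURITY_DIR_INDEX:
        return False
    # For the security directory, VirtualAddress is a raw file offset, not an RVA.
    file_off, size = struct.unpack_from("<II", data, dirs_off + SECURITY_DIR_INDEX * 8)
    return file_off != 0 and size != 0 and file_off + size <= len(data)


def is_pyinstaller(data: bytes) -> bool:
    """Heuristic: the CArchive cookie sits in the overlay near the end of the file."""
    return data.rfind(PYINSTALLER_MAGIC) != -1


def triage(data: bytes) -> dict:
    return {
        "arch": pe_arch(data),
        "authenticode_present": has_authenticode_signature(data),
        "pyinstaller": is_pyinstaller(data),
    }


def build_minimal_pe(pe32plus: bool, signed: bool, pyinstaller: bool) -> bytes:
    """Constructed test input: DOS stub, PE signature, COFF and optional headers only."""
    opt_size = 240 if pe32plus else 224
    pe_off = 0x40
    buf = bytearray(pe_off + 4 + 20 + opt_size)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, pe_off)
    buf[pe_off:pe_off + 4] = b"PE\0\0"
    machine = 0x8664 if pe32plus else 0x14C
    struct.pack_into("<HHIIIHH", buf, pe_off + 4, machine, 0, 0, 0, 0, opt_size, 0x22)
    opt = pe_off + 24
    struct.pack_into("<H", buf, opt, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<I", buf, opt + (108 if pe32plus else 92), 16)
    if signed:
        cert_off = len(buf)
        sec_dir = opt + (112 if pe32plus else 96) + SECURITY_DIR_INDEX * 8
        struct.pack_into("<II", buf, sec_dir, cert_off, 0x200)
        buf += b"\0" * 0x200                   # stands in for the WIN_CERTIFICATE blob
    if pyinstaller:
        buf += b"\0" * 16 + PYINSTALLER_MAGIC + b"\0" * 80   # stands in for the overlay
    return bytes(buf)


if __name__ == "__main__":
    print(triage(build_minimal_pe(pe32plus=True, signed=False, pyinstaller=True)))
    print(triage(build_minimal_pe(pe32plus=False, signed=True, pyinstaller=False)))
```

Against the files listed below this would report the x64/x86 architecture from the COFF header, `pyinstaller: True` for the bundled executables and `authenticode_present: False` for the ones the sandbox flags as unsigned. A present certificate table says nothing about whether the signature verifies or whose certificate it is; for that, check the file with signtool or osslsigncode.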

Files

  • 17818621902.zip
    .zip

    Password: infected

  • 3d4c6a5de44c00e749925ec7c94d23826f3bcfc5ca98c906447ccd95dad299dc
    .exe windows:5 windows x64 arch:x64

    f4f2e2b03fe5666a721620fcea3aea9b

    Headers

    Imports

    Sections

  • Dropper.pyc
  • 9dddc3892790516ad713109cce19d0b0ef3f5e5a16e0f44bcb3d887a7bbd955c
    .exe windows:5 windows x64 arch:x64

    f4f2e2b03fe5666a721620fcea3aea9b

    Code Sign

    Headers

    Imports

    Sections

  • misc.pyc
  • source_prepared.pyc
  • ad903eb865d95020f788fba8d258453685da8fa90ad874910e3ca96688bc4277
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8

    Headers

    Imports

    Sections

  • discord_token_grabber.pyc
  • get_cookies.pyc
  • misc.pyc
  • passwords_grabber.pyc
  • source_prepared.pyc
  • fc1443222c765d941e38f6e796f9fd82538ac31ba06322e7534eeccf08f0e2c4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

    Headers

    Imports

    Sections