General

  • Target

    test.exe

  • Size

    45KB

  • MD5

    bc4c791aa70b4adf07a376737a075dd1

  • SHA1

    274901ce9693f6e2b4ea607fe5c7dfee905ee694

  • SHA256

    74fa7231ffab8d8ff06d85fc9f4863671356fe3a1b006d237dbc26b955d4bd5e

  • SHA512

    500012653ac84bd6d4db4d42341c2f8e7c0cfd96b6796fbb48cbdc30188bb87057d64c5ae2f285fb47d5ad6e8de2f1374b94c3538f327133adb203e1c903f524

  • SSDEEP

    768:5unq5TgoqzqWU8d9rmo2qrx8V1NpxTcPI1zjbkgX3igoige7n6/k0nircS5BDZ/x:5unq5TgNR2A8VXPTh13brXSg3geu/kO0

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

147.185.221.20:1083

147.185.221.20:9912

team-readings.gl.at.ply.gg:1083

team-readings.gl.at.ply.gg:9912

Mutex

dYolPHsaXbyj

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • test.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

