General

  • Target

    2cb3ccdd4a695657e2a4a73147070f2c724d3ec1e9b1febddc4774643eeaa044

  • Size

    47KB

  • MD5

    c6f6dc7bba217c28483bf2d105cbfad2

  • SHA1

    e09f5fb55ee7c3709c310d0882437ccc95d14acf

  • SHA256

    2cb3ccdd4a695657e2a4a73147070f2c724d3ec1e9b1febddc4774643eeaa044

  • SHA512

    60d7cc4f0a9538b677a7ee71553ce0ea95d0225e68d60ea36ed931a3e6f6200a0b1ff5e77e1b9b488e1879b5d843f82a3893acf451977702dd154e649049c2a3

  • SSDEEP

    768:4u1a71T3EiJfWUzDydmo2qz/0KuKbYWiDOQtPI9aygOB0KK60bNEyklQR/MVG4D7:4u1a71T3xq2+0KADXK9aC0KKlbNEXQR2

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

Mutex

Y27AkfNWf4he

Attributes
  • delay

    3

  • install

    true

  • install_file

    Solara.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/UpAYSpm6

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Detects file containing reversed ASEP Autorun registry keys 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2cb3ccdd4a695657e2a4a73147070f2c724d3ec1e9b1febddc4774643eeaa044
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections