General

  • Target

    Infect123123312ed.exe

  • Size

    63KB

  • Sample

    240626-1srv6awcrh

  • MD5

    d5ba0a5a8df10dbffadf71e5f06e4709

  • SHA1

    4d4e643dcba3907bd75e48eff40a94fafcdc3422

  • SHA256

    1fffe01b9997179dbfae0a6900e2e78eaaa4209bee26a40ed4bbf7f52a95a27a

  • SHA512

    0964a385bad20638d5c29934fca53ec849baf5d35d2e7f1d1b4e6e2602b47f62d8eb2326c32257ea1518b22ac481a5d00d0a371019f2375431aea20d57f96f40

  • SSDEEP

    768:mm0vnfEXf78awC8A+XUhtBz+Q54AgqU5esi1+T4/SBCHmDbD9ph0oX0kbAASugdP:uEXiw+1QsikoUbvh9kugdpqKmY7

Score
10/10

Malware Config

Extracted

  • Family

    asyncrat

  • Botnet

    Default

  • C2

    2.tcp.eu.ngrok.io:3232

  • Attributes

      • delay

        1

      • install

        false

      • install_folder

        %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Legitimate hosting services abused for malware hosting/C2
