General

  • Target

    123yu187236781223ed.exe

  • Size

    63KB

  • Sample

    240626-1tel8ayfkj

  • MD5

    74d8d7f383f7252dd83625c43afb7aaf

  • SHA1

    8699b301eb42ff577f265d87312fc8c83c575d55

  • SHA256

    a6a2269a459c125500d771756179161a9b14cae9957cf6c2f984f9db1dadc0ee

  • SHA512

    66df11617d62a660d619db6f3472eb4665034395cbc323522080d3056b5f605dab863155ff5154c0bafacc81be1b13e94dda5da5c69a9238d43327881c9a9e39

  • SSDEEP

    1536:KEXi5gqSa6fUiWhUbkh9Q2R9uMdpqKmY7:KZWqSffghUbkc2RbGz

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

0.tcp.eu.ngrok.io:18951

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      123yu187236781223ed.exe

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Legitimate hosting services abused for malware hosting/C2
