Resubmissions

13-07-2024 00:36

240713-ax9cwsxgnm 10

13-07-2024 00:25

240713-aqngvaxdrp 10

General

  • Target

    ComSvcConfig.rar

  • Size

    62KB

  • Sample

    240713-aqngvaxdrp

  • MD5

    83ffc1254e2a377b4bf9aeb8acbf3036

  • SHA1

    7310cf8489446090bc161a6e9d54b3f5422e57c9

  • SHA256

    9ffd34002e905f8d59ad45529e48afb206c1ba4eed0e70afd3bead6f846419ea

  • SHA512

    169c27347c6b5acff37db6be853b0415527ca27dd040ac059457b4a837591f2583471d61783f3c23c693177ec22378c30ad6660bc9b181dcafd98566e5aaf455

  • SSDEEP

    768:2l5YeztNOOgicHYX/gArUkKxHApQkTea6CoJGEGV+YYCQDsL60dNR8j/couc959J:45tKERPPqoyCEGcNpghdj8jLucAvobL

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Y

C2

20.199.8.16:1726

Mutex

eYLuHMmPZK7A

Attributes
  • delay

    3

  • install

    false

  • install_file

    SeacrhIndexer

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      ComSvcConfig.exe

    • Size

      91KB

    • MD5

      531a8b9dcacc1caf586fc3c54d5b0d5c

    • SHA1

      33544df2d37910946f323b185447b2602b5df73c

    • SHA256

      f42dccf9d4ccc4e8c4ff16ec291d75d2c89a9ff09896fa39575abe4f1193d62d

    • SHA512

      08123799a24f5332283df02b270d7746c2d3a736667b5b030005f793c892ff35d026dcf7bed9eb927a6b67fae983c01b5ec3fabec50707b4b48f4ee71f58a5d2

    • SSDEEP

      1536:kMdVnKe6rNBEgHEB3uZaYx/2AAuAFQO+xZYhii/RoYy9B5Ilu67KhkFkTit:kMd9MNKoSAZbZQiCRoYy9B5Ilu67Kh/+

    Score
    10/10
    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks