General

  • Target

    Ujuax.exe

  • Size

    4.8MB

  • Sample

    240717-jlfe4sthnd

  • MD5

    cc0586b98c46e5ed73efb1b0e9181130

  • SHA1

    ff4a38d4acb50e4385727ef5455b77344b9b01c6

  • SHA256

    b32f304e47735f05127ca24f7094514ef8b2b6d4d23c2b34a519ada6dc93b628

  • SHA512

    2a8e5c1f6a449abe949b7e1fab291a1919bb80859648fd2bad50cf46964a3292db7f63663a4aa9f62993f3f85fb1e14fd05dfc68f9632e25f19a59bdf9e22468

  • SSDEEP

    24576:D0cxDzNN+hJELofuY4e9fB03aZTtjck/aCbycRZxE7EiMdwTBHPJArTJnC03Ud1E:4cnk

Malware Config

Extracted

Family

asyncrat

Version

AWS | 3Losh

Botnet

Scar

C2

scar77747.duckdns.org:6606

scar77747.duckdns.org:7707

scar77747.duckdns.org:8808

Mutex

Alx_alx

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Ujuax.exe

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
