General

  • Target

    playitas.exe

  • Size

    47KB

  • MD5

    9f125b7e551098571dfc06e2ab712b05

  • SHA1

    eb0dd8958ec85e2e28ebbbc66696621bda8f75c2

  • SHA256

    6058e45f6c17cda0b28227d09b3c1cdc662051741a0fbdeea6e82a52f5fb9a25

  • SHA512

    3760cdcd2652f3cf2ac6ec4079c283ee81a8c82b33f940ca71ac1ef943295bd803d92fc07a6df4e4ec0ae55529fbd78052dc4c2fb6d8198329bf114c75d1bd6d

  • SSDEEP

    768:YuChNTgoZqNYhWU5RTnLmo2qrLpG887LBrjTlPIaDaqrlbyiGcG9mS0zsJBGSSnY:YuChNTgmqe2op8XVTiaeqpbyoG9RRJBV

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:9388

127.0.0.1:5353

tax-sri.gl.at.ply.gg:9388

tax-sri.gl.at.ply.gg:5353

Mutex

aPR7bsx71z7b

Attributes
  • delay

    3

  • install

    false

  • install_file

    Sez

  • install_folder

    %AppData%

aes.plain
1
7ZgZGn9pJ3sZzg1dNYYMaaVilUwHFWBq

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • playitas.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


