General

  • Target

    12edfae99bb76bc207f28f94608167a0N.exe

  • Size

    2.4MB

  • Sample

    240721-1ay7hsvhnc

  • MD5

    12edfae99bb76bc207f28f94608167a0

  • SHA1

    595d7b4bfc63b9c6752236ad476dfe38e785d2f7

  • SHA256

    e78f3b078feeb0f431cdc2329f2ef7313b072d3fdb7073cb6aea12c7873e7aaf

  • SHA512

    a38791f4e92fd1359fb6e44a6b6943dee288ba89d3b1b17524363405c24db2a6c50ef3a4f95565e5f464d2a4b59b0303608285e9f4728cdbe78a9ff0e527b35b

  • SSDEEP

    49152:UeLJJtmeOJZFurwIrYRZqpxh2Q9yjzIjC/q8tfNstbwK/eWL0yqbbt:INIrYLYhtvMtfNstsQVL0yqbbt

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

Mutex

B6nFmGTapMtl

Attributes
  • delay

    3

  • install

    false

  • install_file

    curl.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/3WsmZuWC

aes.plain

Targets

    • Target

      12edfae99bb76bc207f28f94608167a0N.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.
