Overview

overview

10

Static

static

1

sheet rat v2.6.7z

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sheet rat v2.6.7z

  • Size

    29.8MB

  • Sample

    240724-stb74awcnc

  • MD5

    7711fffefdcb2bf2dcbbe6f9616d2066

  • SHA1

    eaaf96b6f574714d3954bf1078944dc8069b8fd4

  • SHA256

    8cb34690ae0cb7b8124f8feb1e3852def62e49071a775a457015c4e352a3ad93

  • SHA512

    90d2a968642620303e974c361d939f6eee6dfc1384870a3fd44a1cb164c5ed90a8bd2a7fc9c80452057343131091a44e0a645fea6e774fef00804d1b44844f3b

  • SSDEEP

    786432:bIVkxDTlPquNUuQuDFEh86AZB/uDC58+Y41+3Fqky:bIVwNPz+ukJAZSC5n1+a

Score
10/10
asyncratdiscoveryrat

Malware Config

Targets

    • Target

      sheet rat v2.6.7z

    • Size

      29.8MB

    • MD5

      7711fffefdcb2bf2dcbbe6f9616d2066

    • SHA1

      eaaf96b6f574714d3954bf1078944dc8069b8fd4

    • SHA256

      8cb34690ae0cb7b8124f8feb1e3852def62e49071a775a457015c4e352a3ad93

    • SHA512

      90d2a968642620303e974c361d939f6eee6dfc1384870a3fd44a1cb164c5ed90a8bd2a7fc9c80452057343131091a44e0a645fea6e774fef00804d1b44844f3b

    • SSDEEP

      786432:bIVkxDTlPquNUuQuDFEh86AZB/uDC58+Y41+3Fqky:bIVwNPz+ukJAZSC5n1+a

    Score
    10/10
    asyncratdiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks