General

  • Target

    6edbed1b167849bf9808b2288299949fd931495836ee3c756d3c724e3d8e9ead.exe

  • Size

    2.1MB

  • Sample

    240801-bwvzjsygjh

  • MD5

    1a971ae6733d7e44be5dea94d23c3109

  • SHA1

    5525db66718f2581affb8797013eae8d04b23464

  • SHA256

    6edbed1b167849bf9808b2288299949fd931495836ee3c756d3c724e3d8e9ead

  • SHA512

    cebc15da8d22877645e2685f123a93c988a2b05a19b1dd56c00dc1a27fef41ffa5653d1895f0744f6d43289c18477adb0d540a56d814699dc0b1cf11157bc2e1

  • SSDEEP

    24576:ehW35p/472XtvAwUUtC90Mv569TEhJVnEvfhdUiAgBD/GqiOIBRMdn99uW5AstDt:QWJp7tnt4vQghbAhBD+JMvDV

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

Mutex

goMutex_pong

Attributes
  • c2_url_file

    https://xianggangip.oss-cn-hongkong.aliyuncs.com/IDS.txt

  • delay

    13

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      6edbed1b167849bf9808b2288299949fd931495836ee3c756d3c724e3d8e9ead.exe

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Async RAT payload
