Overview

overview

10

Static

static

3

b5522fb268...b4.exe

windows7-x64

10

b5522fb268...b4.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    25dbcf1fe03ad12511191f54bff57d76.bin

  • Size

    356KB

  • Sample

    240802-b3pfcaxhqn

  • MD5

    83ca489becc361a7c0cc729a79f48baf

  • SHA1

    da322c16edaa15dc7037fc4e807dbfd71797182f

  • SHA256

    f2746179db232e718379f60247309a5cc65dabb0adae4732fa4279d7af972a6e

  • SHA512

    505b42fa670cde3ad34ca9951f05879310c6c271f7d1ac6d204358d99fb33bc88c4555cfc86e83b1b4b016f30b5c5f8e3fec5986780caba76e8242aefcda3faa

  • SSDEEP

    6144:3Id6OMOhtdfV3MhWRLsn21/T++A5kMljRGJ7hzsWNU1sbMNAOGoxrMHBa:Yd6OMWtvgWds21XAKMuhzsWimMS2kE

Score
10/10
asyncratamudiscoveryrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

AMU

C2

jnmanymen.ydns.eu:1470

Mutex

Y9Lj8dOJExpn

Attributes
  • delay

    10

  • install

    true

  • install_file

    windows.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      b5522fb2683e7ff30d329d6d7afd7b5eca7b60d581757476bda4925f8f10ddb4.exe

    • Size

      585KB

    • MD5

      25dbcf1fe03ad12511191f54bff57d76

    • SHA1

      b748178f5756712162edec1e85fa6e0a456bc722

    • SHA256

      b5522fb2683e7ff30d329d6d7afd7b5eca7b60d581757476bda4925f8f10ddb4

    • SHA512

      ecdc722f18d81fbd0dbd164b6bdfec25fa2c3b3bbc3305f2a8c092b4e0607932c2ee0303a3bbadc6f38ff74b406444f1b401d7822727f66fe139796cad13d722

    • SSDEEP

      6144:9YZmun4mCYZWNfg2IJHCRrtDWZALTgvLP1fB+toSUMqQGc8oYTvQ4d8Kmk/5p3:9sAlgrVwZaeTgvp4oSUMqK0Q4dtm

    Score
    10/10
    asyncratamudiscoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks