Overview

overview

10

Static

static

10

buidl.exe

windows7-x64

10

buidl.exe

windows10-1703-x64

10

Resubmissions

11-08-2024 01:31

240811-bxn8dsydpp 10

11-08-2024 01:29

240811-bwl2mssgld 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    buidl.exe

  • Size

    63KB

  • Sample

    240811-bxn8dsydpp

  • MD5

    9c2d4871014553f542534fce03805000

  • SHA1

    cd44e0ee979718203d896fcc7dcb5cc5077eb721

  • SHA256

    9fde4361d7beadb8c11afed5b0518211740cef76ea03146e98a8337581e02f7e

  • SHA512

    7d15b22083a0132440297035e5854b318e2aadc615c7959285bc8516292b19f7cd1b062350bde02397e562952ec0910100c4988bec2d92b4ca394b76b1bb7442

  • SSDEEP

    768:PHDvlKazXYN78NwC8A+XuqazcBRL5JTk1+T4KSBGHmDbD/ph0oXOlKYsN3tlSusV:btTXA9dSJYUbdh9OlAF+usdpqKmY7

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

Attributes
  • delay

    1

  • install

    true

  • install_file

    Discord.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/zs3YKzJ3

aes.plain

Targets

    • Target

      buidl.exe

    • Size

      63KB

    • MD5

      9c2d4871014553f542534fce03805000

    • SHA1

      cd44e0ee979718203d896fcc7dcb5cc5077eb721

    • SHA256

      9fde4361d7beadb8c11afed5b0518211740cef76ea03146e98a8337581e02f7e

    • SHA512

      7d15b22083a0132440297035e5854b318e2aadc615c7959285bc8516292b19f7cd1b062350bde02397e562952ec0910100c4988bec2d92b4ca394b76b1bb7442

    • SSDEEP

      768:PHDvlKazXYN78NwC8A+XuqazcBRL5JTk1+T4KSBGHmDbD/ph0oXOlKYsN3tlSusV:btTXA9dSJYUbdh9OlAF+usdpqKmY7

    Score
    10/10
    asyncratdefaultrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks