Resubmissions

02-09-2024 10:46

240902-mt1b2azanc 10

02-09-2024 10:42

240902-mr1j1szajg 10

General

  • Target

    bogaziciuygulamam.exe

  • Size

    96KB

  • MD5

    dbc181309bdc8abdd3c082e8ad9cd081

  • SHA1

    ae49fb0c23014468b0fb98b7be9a91557bef9b69

  • SHA256

    cc4dde06185d6ee70b8f88bf8ff2ddbfd4635fd6f8fdb62516cf6e19f4235b3e

  • SHA512

    8a121777cc4eab65626fd0d6673498360996662379f604528133bdfd49cb4e1cd4a6d9e9538cf69440026b90565c6a5ace95793848d371608e555cd2cbfca73b

  • SSDEEP

    1536:3uMZ1TDlsPF/28eJIrJAUXb0uowBvQHnkdplm8Cx:3uM/ThsPF/28drJAUXbhLNQHnkzCx

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

campain

C2

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    true

  • install_file

    ckbogazici.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • bogaziciuygulamam.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

