Overview

overview

10

Static

static

10

1884-72-0x...ry.exe

windows7-x64

1884-72-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1884-72-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • Sample

    240926-k2cjts1gmf

  • MD5

    77950cf8acb7e7c807b063082a86529a

  • SHA1

    dd6afcdce0771eafb11d5637bbb9e78b21b73814

  • SHA256

    f61860e03e8d875be79888718c97374ce39f633c10c8249f9722c8059d11fe3d

  • SHA512

    bdfb86e2e5c2f903bf0dfa319f37d690c7f54865336e192b76059d3aebf41f1860c7ed91e7e883b7006df074e01b246c18fd41f62141259eaa0ed0c746b12bfb

  • SSDEEP

    768:gq+s3pUtDILNCCa+DiyiVioP8YbdgemEidkQJ+68vEgK/JHZVc6KN:gq+AGtQO/rzbK7ndkQJd8nkJHZVclN

Score
10/10
asyncratserver

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Server

C2

dcmxz.duckdns.org:35650

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      1884-72-0x0000000000400000-0x0000000000412000-memory.dmp

    • Size

      72KB

    • MD5

      77950cf8acb7e7c807b063082a86529a

    • SHA1

      dd6afcdce0771eafb11d5637bbb9e78b21b73814

    • SHA256

      f61860e03e8d875be79888718c97374ce39f633c10c8249f9722c8059d11fe3d

    • SHA512

      bdfb86e2e5c2f903bf0dfa319f37d690c7f54865336e192b76059d3aebf41f1860c7ed91e7e883b7006df074e01b246c18fd41f62141259eaa0ed0c746b12bfb

    • SSDEEP

      768:gq+s3pUtDILNCCa+DiyiVioP8YbdgemEidkQJ+68vEgK/JHZVc6KN:gq+AGtQO/rzbK7ndkQJd8nkJHZVclN

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks