General

  • Target

    b9e3999195a684c315323b2165db39c3.bin

  • Size

    22KB

  • Sample

    241024-b6kassyerf

  • MD5

    7fc47bcbcd6cab7dc9f58c7ce90d2b69

  • SHA1

    7cf317814ec0405e7fd29b3fdf834d05e60bd501

  • SHA256

    16b8163e76e554b043b26a8564cb513cf8c940c0c4a9b8e3f9465c17d3e62cdc

  • SHA512

    45c2042eeff601a5fc9b246af2d27cf34172d17a8d35af64fda0047a9d13d816dc2d7d805895c2dc123173e5aff140719ca83b11b1e24ad478eebec60924ca7c

  • SSDEEP

    384:nPDrNBYmQdLQWpwi3hOsLxtkQA2Xo3guEZCPEMGKuagOtqy46:nPd2b+cwmtkQtXegXQGG3qP6

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

nVIDIA RTX

C2

govpet.mysynology.net:4164

Mutex

hxmmKHB5chNy

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      7497d272b19d1713577b70560b6e803f77d10252a2f3bcae0338dbe7c772de45.exe

    • Size

      45KB

    • MD5

      b9e3999195a684c315323b2165db39c3

    • SHA1

      37982144c1afe4d1477de2071f7df9189df35ce8

    • SHA256

      7497d272b19d1713577b70560b6e803f77d10252a2f3bcae0338dbe7c772de45

    • SHA512

      1a3fed92af769c5e4eb52ca9301c2d10e4626272d706133de2ebd9ac2362c0c8a08b379830852b9136c17831c1d0cd5b2a0b5a604ff8eb931d0da59fa4685630

    • SSDEEP

      768:FuPfZTg4pYiWUU9jjmo2qrpVnF2e8IIPIgQjb5gX3i78VQIC74IdBDZSx:FuPfZTgKa2GVc4gYbWXS7pDEIzdSx

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

MITRE ATT&CK Enterprise v15

Tasks