General

  • Target

    Roblox.zip

  • Size

    90KB

  • Sample

    241030-x13qvaymax

  • MD5

    2b34d1cdf5be2e8b86dcba5bf9b9e46c

  • SHA1

    5f91bca2699a499dea24bdb97bc6f00f45528a15

  • SHA256

    d390cedf4222277eccbc02514a5d9a47c67379d14bc1d67ee95b096addce601f

  • SHA512

    e7dac33ba720de79614a086ea1e47878d0e9b28b9466e99435d5432e534da0dd5df7bdcf0d7fef1011871c42c286dca27cacd1262069eaf92755af30cfd3087b

  • SSDEEP

    1536:fMPpnsv6AX06nsAQMpGFaULvzjpCE4RHYue7gSe4risNXvvEBkAI+ig3cJ+spQi7:Wt6pfGJLvzjoNa7Ne4risNXvvEO+Zvsr

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

Mutex

HMqfL0cBw4qM

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Roblox.zip

    • AsyncRat

      AsyncRAT is a tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Async RAT payload

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks