General

  • Target

    Infected.exe

  • Size

    63KB

  • Sample

    241118-bht54atphx

  • MD5

    daacc4b40206c4d5e7260dde1a2f6814

  • SHA1

    7f8baeba108d745c44ee23b4a56c58d5893d2889

  • SHA256

    eb3e3b70ceb124de827b5297c2b8e0b42f84ca8bcd71015a9ce9d7aa5a581a43

  • SHA512

    3afd3cbe4ae7e9e500037a1643ba04430687a602d6a4b7ccb9c12e8b350b29fcb37251b9cb9af4528f92719b6ae4391aea5f58aa505dfd6818b9e0cb036dcf64

  • SSDEEP

    768:iqWcYBjjj78ZIC8A+X0iazcBRL5JTk1+T4KSBGHmDbD/ph0oXTOsySuwdpqKYhY7:MZjLXdSJYUbdh9TluwdpqKmY7

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

147.185.221.23:45700

Attributes
  • delay

    1

  • install

    true

  • install_file

    urmom.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      Infected.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
