Overview

overview

10

Static

static

3

ElitecutSetup.exe

windows10-ltsc 2021-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ElitecutSetup.exe

  • Size

    700.0MB

  • Sample

    241123-3yfq7atjex

  • MD5

    c85464bd8f7cd51eb9451fd0220b7049

  • SHA1

    c29fe8a174447f951ccab8318ab78a172511b2e5

  • SHA256

    1f7515ccc1894696182be9acf8350bc7aa5b9f26dad1cb96780b4b72e6d36434

  • SHA512

    caf9500696dcc919404512f41f4c8560bac0452a76ca9143b6f74bd5f4960661d89eefdc3337b18b35ce4b48d1f18de50b9195fb322f12d26ded13d52aeb0089

  • SSDEEP

    3072:PgelpYUbFOKYCm1xC8d0V1EGxMbwqjdzu5fuz:lLbi1ElvjM9V

Score
10/10
asyncratfurryrat

Malware Config

Extracted

Family

asyncrat

Botnet

Furry

C2

193.161.193.99:36700

Attributes
  • delay

    1

  • install

    true

  • install_file

    syskprvalorop.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      ElitecutSetup.exe

    • Size

      700.0MB

    • MD5

      c85464bd8f7cd51eb9451fd0220b7049

    • SHA1

      c29fe8a174447f951ccab8318ab78a172511b2e5

    • SHA256

      1f7515ccc1894696182be9acf8350bc7aa5b9f26dad1cb96780b4b72e6d36434

    • SHA512

      caf9500696dcc919404512f41f4c8560bac0452a76ca9143b6f74bd5f4960661d89eefdc3337b18b35ce4b48d1f18de50b9195fb322f12d26ded13d52aeb0089

    • SSDEEP

      3072:PgelpYUbFOKYCm1xC8d0V1EGxMbwqjdzu5fuz:lLbi1ElvjM9V

    Score
    10/10
    asyncratfurryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops desktop.ini file(s)

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks