General

  • Target

    99b4a88577411f9c55d927eeabdd8528_JaffaCakes118

  • Size

    47KB

  • Sample

    241125-gzrdesynep

  • MD5

    99b4a88577411f9c55d927eeabdd8528

  • SHA1

    7d26960f9db961c6252b2b53248f9bc8a3de2022

  • SHA256

    dd15d364592da8dbc249ff5480112724cace64d1ac27b32693395283e4603ab8

  • SHA512

    9bb4c046d04aa5ab90674af71d54281a4cbf13a42abb022550d5ec171728a5425b473e4e4e340cbe7bf66ce5f7bec50ebd98850f655900f8dd72869775e5296d

  • SSDEEP

    768:Vx7QMF2O2dqc5rZavOr3IYsTBvx99TCqyjbigz3i77aqN2ctd1RzXNPClZa2tYch:Vx7QMFTwr4Ykp9febFzSf7noraKmVcl

Malware Config

Extracted

Family

asyncrat

Version

0.5.7A

Botnet

Default

C2

213.238.172.124:1604

Mutex

hfuobqkyqknvi

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      99b4a88577411f9c55d927eeabdd8528_JaffaCakes118

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Asyncrat family
