General

  • Target

    4796cd7739b43da9e9bd1e414aff403bde4276b1e904e4c6c8fb168a11168d79N.exe

  • Size

    45KB

  • Sample

    241201-19lqgavkdw

  • MD5

    4e60944931d245c64ca8d3d9d0819f80

  • SHA1

    0c4981d1537179e1ac07b03f61f8dce62be6994e

  • SHA256

    4796cd7739b43da9e9bd1e414aff403bde4276b1e904e4c6c8fb168a11168d79

  • SHA512

    4507c38ee10fcf35777c79fbf4dec332977704aa5bcd4607ae55aea023fd392d1dd9286e6e8ca38cb20ad2d53c2bd26887b2ecb1521bf5f13b19ea6ce17cd889

  • SSDEEP

    768:Qu/6ZTgoiziWUUd9rmo2qr3KjPGagAWOzjbFgX3idFttl1NZpJxlfZD8cDZLf+:Qu/6ZTglB26KTKTO3bCXSdFtVNX/rDzc

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

5.tcp.eu.ngrok.io:17994

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Asyncrat family

    • Legitimate hosting services abused for malware hosting/C2
