General
-
Target
af9cd831104a7d0a352cd88f77a4cfbdde43804b5225002fc7115685d2c6297f.exe
-
Size
3.2MB
-
Sample
241213-dej7tsyjak
-
MD5
6681713c421e1b4951d5a08c39f43e97
-
SHA1
23c09997b6cac46683950dbbefa18d65b3250d12
-
SHA256
af9cd831104a7d0a352cd88f77a4cfbdde43804b5225002fc7115685d2c6297f
-
SHA512
fec9ed7257466d44055aefbe378f40a9f5066a83b82efe4fbd4bcb9cb3dc447732e7e523d3e47893db35538f80ba358d70d1529da1c16316b709aca10f3d2f10
-
SSDEEP
98304:Z/4qyVBXdPfPtPuIao7/+GsQCx9w4zpkcYy:5TyVRvmNQVqPw41kcYy
Malware Config
Targets
-
-
Target
af9cd831104a7d0a352cd88f77a4cfbdde43804b5225002fc7115685d2c6297f.exe
-
Size
3.2MB
-
MD5
6681713c421e1b4951d5a08c39f43e97
-
SHA1
23c09997b6cac46683950dbbefa18d65b3250d12
-
SHA256
af9cd831104a7d0a352cd88f77a4cfbdde43804b5225002fc7115685d2c6297f
-
SHA512
fec9ed7257466d44055aefbe378f40a9f5066a83b82efe4fbd4bcb9cb3dc447732e7e523d3e47893db35538f80ba358d70d1529da1c16316b709aca10f3d2f10
-
SSDEEP
98304:Z/4qyVBXdPfPtPuIao7/+GsQCx9w4zpkcYy:5TyVRvmNQVqPw41kcYy
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
Asyncrat family
-
StormKitty
StormKitty is an open source info stealer written in C#.
-
StormKitty payload
-
Stormkitty family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates processes with tasklist
-