Overview

overview

10

Static

static

3

CamScanner.exe

windows7-x64

10

CamScanner.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CamScanner.exe.bin

  • Size

    7.6MB

  • Sample

    241213-xrxhgaxmf1

  • MD5

    823d8a30612fb5b3b11b5caa71296f71

  • SHA1

    de62763a8654227512673c560894a6371d16fe58

  • SHA256

    2c6e1ea89fe0d94f568fe90e2d4a05c6b1d6ef1d1d15881f1dce6af1c4174c4a

  • SHA512

    9f3ab4edfa12529ef559082a4df6a55964213f86ce0bb7cd4375efeef3905b13aba71a2dd574fb7803af32d3ac6270ca555712e99228a41966fed9ca7633d3c1

  • SSDEEP

    98304:CzjkDuX7yiWmcTYuVEWilcuiKS6m4goQ1Z5O/i37fkQOsjj3FVz6JT4hQ5CQkEW2:CzoD1iET3XO/irpv1tvCbkEJOxITMpM

Score
10/10
asyncratdefaultdiscoverypersistencerat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

Default

C2

manuelmorenomanuel12345.duckdns.org:2025

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      CamScanner.exe.bin

    • Size

      7.6MB

    • MD5

      823d8a30612fb5b3b11b5caa71296f71

    • SHA1

      de62763a8654227512673c560894a6371d16fe58

    • SHA256

      2c6e1ea89fe0d94f568fe90e2d4a05c6b1d6ef1d1d15881f1dce6af1c4174c4a

    • SHA512

      9f3ab4edfa12529ef559082a4df6a55964213f86ce0bb7cd4375efeef3905b13aba71a2dd574fb7803af32d3ac6270ca555712e99228a41966fed9ca7633d3c1

    • SSDEEP

      98304:CzjkDuX7yiWmcTYuVEWilcuiKS6m4goQ1Z5O/i37fkQOsjj3FVz6JT4hQ5CQkEW2:CzoD1iET3XO/irpv1tvCbkEJOxITMpM

    Score
    10/10
    asyncratdefaultdiscoverypersistencerat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks