General

  • Target

    e54d42724412abbbe374ddbc82e0377b991f585a2e1953c56277705ebd99a1c7

  • Size

    2.1MB

  • Sample

    241217-q7ffka1rem

  • MD5

    3a7a99d589391b86a223fc446d97453e

  • SHA1

    d87c15d24ae898404fa677d40f3b00a4d1e22614

  • SHA256

    e54d42724412abbbe374ddbc82e0377b991f585a2e1953c56277705ebd99a1c7

  • SHA512

    4b064442b8f249334d89bbc3a54b781400741debb941e43c8e7b29cc3e0279ff62ee55d7db96826ad3fcc2d5d634d793457c969fdafb6c1eb0874940d72f3c93

  • SSDEEP

    24576:WR2oDdYGqiMFSthUcJwI+bjQsYBmRfOscv+aFRUa8C/nFoFGsbUvqHe:sdDeGqiMP3I+G+OR+Ar/nFoFGTS+

Score
10/10

Malware Config

Extracted

  • Family

    asyncrat

  • Version

    1.0.7

  • Botnet

    Default

  • C2

    127.0.0.1:8848

    192.168.153.119:8848

  • Mutex

    DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_file

    WindowsDefender.exe

  • install_folder

    %AppData%

aes.plain

Targets

    Score
    10/10
    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Asyncrat family

    • Async RAT payload
