General

  • Target

    e84377f181936074f6b29c1ed84acb4409bb199e4e02b71bf4fb43781f803a28.ps1

  • Size

    1.9MB

  • Sample

    241218-lgc6astjat

  • MD5

    05ca50471d9f5c01b66e448ea589c149

  • SHA1

    889ba922194d17cc453bf5a48505a570b9e9b609

  • SHA256

    e84377f181936074f6b29c1ed84acb4409bb199e4e02b71bf4fb43781f803a28

  • SHA512

    cae798186c385752728cf9b63e8eac4672ebc57d3ef3aa83ceeacf9b5e91924fe994047c4c9f0024cee062e6d1fdcba238076beb72478fd7f8621f6aabd7dac9

  • SSDEEP

    24576:bSgmuyXfET5YN3b2LLG1z/7E4/KpdMJczdsrbIB:biMSNKLq1zjAj

Malware Config

Extracted

Family

asyncrat

Version

AWS | 3Losh

Botnet

s2

C2

menitalnewways.webredirect.org:6606

menitalnewways.webredirect.org:7707

menitalnewways.webredirect.org:8808

menitalnewways.webredirect.org:333

Mutex

winter1

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      e84377f181936074f6b29c1ed84acb4409bb199e4e02b71bf4fb43781f803a28.ps1

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Asyncrat family

MITRE ATT&CK Enterprise v15

Tasks