Resubmissions

21-12-2024 17:00

241221-vh4t3stpap 10

21-12-2024 16:17

241221-trjptssqdl 10

General

  • Target

    gggg.exe

  • Size

    52KB

  • MD5

    fb6d592ff07d0e26a291b3e78c1ce139

  • SHA1

    e5e82e613372b0795f8347ac643e954f0c514df2

  • SHA256

    347586f7facf4ef5fcb456f6589d65cb3167a7fa4379740ff03b2c861d8cf364

  • SHA512

    5db5797fcb1a6c2cbd2e2f4aaf2a5fd47f693116583596292531b73a36eabc8517ee7bc1d8cb5a999f45a5ca91152f0b3a810ec00ce35c8283f02d1c5e287779

  • SSDEEP

    1536:2uu91TwSb2nth5csqQXb6HoTUdHN0QdH/:2uuDTwSb2tQsqwb6I4dtl9/

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:8808

10.59.25.45:8808

Mutex

KxaqMLMZrN62

Attributes
  • delay

    3

  • install

    true

  • install_file

    Maple.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • gggg.exe
    .exe windows:4 windows x86 arch:x86

    Password: njjknhkjh

    f34d5f2d4577ed6d9ceec516c1f5a744

