General

  • Target

    System.exe

  • Size

    63KB

  • Sample

    241222-2kr2ma1ngp

  • MD5

    b367951dd5e46dd6d3c54624112905ff

  • SHA1

    e609643f595802067e07d95aa4d0aacdb094ada8

  • SHA256

    b685bb3b4f6c19672fd4d25c0b44d3e1c6cc36ae49805b0f2618a4b621d3d4ea

  • SHA512

    941a245031ea4674f9ea756289891456cfe8d61e7aa650ed51c54361e6585854c7a435fa8ba128075a0cb8d7d15067c38f0b6f27db79447885dba9d76d2d3a66

  • SSDEEP

    1536:ChfhBLTRQUhZ4DcVVZceiHFGbbXwhwvPYDGfmpqKmY7:ChfhBLTRQUhZ4iVOeoGbbXieFz

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

!DEAD NUKER

C2

147.185.221.18:63974

Mutex

!DEADCODEMutex_lm.deadcode

Attributes
  • delay

    1

  • install

    true

  • install_file

    System.exe

  • install_folder

    %Temp%

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family
