General

  • Target

    JaffaCakes118_5975eae4bf3b519fd6a9bade6741251bf676e156c973bfe8e9b013b012d7985d

  • Size

    48KB

  • Sample

    241224-zzkjzsxnhq

  • MD5

    49fdfbb36584ec8a1c8a9664d5c6ed17

  • SHA1

    867ee7f209abdab6ed2ec86006bd033dd93159fd

  • SHA256

    5975eae4bf3b519fd6a9bade6741251bf676e156c973bfe8e9b013b012d7985d

  • SHA512

    6984d623539027b4da8a5a6b0107aa751fcf85304f245782b6db500818203aeaa7085880861378e55e1338996171454f0f28818eeb2ef0989065066e56cfc0eb

  • SSDEEP

    768:A8+tfqtWYHRTaaYydToDvj0SoUpjbWgeog8B5I1cvqJAqImax:A8+tfqtWwRvzUJbJeb6I1cv4t9ax

Malware Config

Extracted

Family

asyncrat

Version

| Edit 3LOSH RAT

Botnet

sassive

C2

semdoublebacks5f.ooguy.com:5001

Mutex

Junoitufnsutex_6SI889F

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Asyncrat family

MITRE ATT&CK Enterprise v15