Overview

overview

10

Static

static

10

JaffaCakes...3c.exe

windows7-x64

10

JaffaCakes...3c.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    JaffaCakes118_e1c7441c18112ba142d0bddf163ecd3268c9775c77e8a27d55ccceb8257c033c

  • Size

    1000KB

  • Sample

    241225-fxe2yayqcp

  • MD5

    8eaeb4c1aa0914442af1038350640424

  • SHA1

    f66e91ce930f15f126d6b4353e7fac9c8674af99

  • SHA256

    e1c7441c18112ba142d0bddf163ecd3268c9775c77e8a27d55ccceb8257c033c

  • SHA512

    f2fcaba056ad577988de23cd4a2d3f3195210dbfae56bb75c4fc48109567b5ce1e68c09468737f4c6aedd8e9ff5c402ae8bd402f49a4b2a70e45b4dbe83e1a7c

  • SSDEEP

    24576:rssydOnWRIiXOT8P1gSlpLBccQKWbwntqdxt7wEK96BgOchZ+T6GA:IcnWMhBJgmRrtBs+q

Score
10/10
asyncratdata2discoveryrat

Malware Config

Extracted

Family

asyncrat

Version

ANC8.0

Botnet

DATA2

C2

154.38.112.92:8848

Mutex

DefaultHttp

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      JaffaCakes118_e1c7441c18112ba142d0bddf163ecd3268c9775c77e8a27d55ccceb8257c033c

    • Size

      1000KB

    • MD5

      8eaeb4c1aa0914442af1038350640424

    • SHA1

      f66e91ce930f15f126d6b4353e7fac9c8674af99

    • SHA256

      e1c7441c18112ba142d0bddf163ecd3268c9775c77e8a27d55ccceb8257c033c

    • SHA512

      f2fcaba056ad577988de23cd4a2d3f3195210dbfae56bb75c4fc48109567b5ce1e68c09468737f4c6aedd8e9ff5c402ae8bd402f49a4b2a70e45b4dbe83e1a7c

    • SSDEEP

      24576:rssydOnWRIiXOT8P1gSlpLBccQKWbwntqdxt7wEK96BgOchZ+T6GA:IcnWMhBJgmRrtBs+q

    Score
    10/10
    asyncratdata2discoveryrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat

    • Async RAT payload

      rat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks