General

  • Target

    adswqadasw.exe

  • Size

    2.9MB

  • Sample

    241226-l151essrbl

  • MD5

    c88eb41aa02785f785337117bce52dc9

  • SHA1

    ee63f44027e89481fdb281b4e30fc6c8832679a2

  • SHA256

    dd5c4d0eaa73513523864ff9a264f090153a5d38e425ec4d041173ef9ab1ab76

  • SHA512

    67bedd5b7e052469ff29e6c9f6ddfd3c5a855612f769343a1a694baa53fb8c526518d00713720f94f320741d57121687b75b81999ddd065f8c712cc7c116328c

  • SSDEEP

    24576:xQBAe4kTT+2YHQyODScZoml6mm/ri5R1PqA49GAxw4DRgGoGTBytyCCBdxF9Cqz+:xOAe4kX+fDxi5R1C10QgGeyxB7JCB

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

Mutex

lfrlrahocljxyqyr

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/xFvrV0SD

aes.plain

Targets

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Asyncrat family

    • Executes dropped EXE

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
