General

  • Target

    Debug.rar

  • Size

    52KB

  • Sample

    250109-hx815asnht

  • MD5

    369cc8a1947a43b30d6367602da93015

  • SHA1

    d05585d5293976b3a8f505984f1a0e0481c74082

  • SHA256

    57c92e2bde3b147665bacc127d53cd6775421fd15b23c69e5661232a4de45f49

  • SHA512

    247c3baba65159ef9b19b520e5507f4b86723a747f48a2e002dde01feef49e6f69a99ee7d6b2f10d8e030fd0c7256980e1e5cd586cf0224579d25ada53b8e127

  • SSDEEP

    1536:CucoOYIacqiPdQQqH40AF4a1RFKpUiToZY:6oiqiP2r0FNiH

Malware Config

Extracted

  • Family

    asyncrat

  • Version

    1.0.7

  • Botnet

    GDFjbxc9as

  • Mutex

    Gx0edRwRzsDs0gzwQ

Attributes
  • delay

    1

  • install

    false

  • install_file

    GoogleUpdates.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/QLnQD5yh

aes.plain

Targets

    • Target

      Stub.exe

    • Size

      10KB

    • MD5

      55cf4bcfb51ec738927ad5f152360de2

    • SHA1

      bb763eb4bb84ff5e38c3bb381f81b2665ee257fa

    • SHA256

      4bae7d4ff0c2e9a99852a4cc7828ade235abbaed12e125d1b888d79b2b75fe75

    • SHA512

      6fb5bde2c2aa950a82993ca208d8544414dff10532de0fcb302bd0014808c4ddd778d58903857125d6627ccaa3586a94622cd0c51c0839879dc5a2fc9ccf40f3

    • SSDEEP

      96:u/+JiA0Pcj+plyPocZCoB8d3ZxlH7ZCP2UuKJKJuItZkZtHcDjf2EBVkYlhJpn80:mP3j7oBQZxlbm2LKJKJun7HYgY3nnff

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Asyncrat family

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks