Resubmissions

21/01/2025, 01:29

250121-bwhzzszjct 10

21/01/2025, 01:26

250121-btnsfsyqfr 10

General

  • Target

    ProximaCLient.exe

  • Size

    62KB

  • MD5

    9b58a4fad9c0ddace097997174a11175

  • SHA1

    aad8aaac4ac821a047d68d90bb3266d73e5f6457

  • SHA256

    7bb046bb513f61bb2f038262e0355f239b0daefc081619cb51039bf0cf796033

  • SHA512

    dc27a308b85434804249751deb19eb8ccbcef8c53ca5af6f662b74e41da4763593388c75216ceda66b83b5213a8c55c662d485ae70d9b9abc33bee3e053bb6ba

  • SSDEEP

    1536:Nu2etT/+No2KISb6/N6FbbAb2FftIVZNdCwdAoeWYx:Nu2aT/+No2KISb6/N4bbAUeVZvB8px

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808

31.57.243.64:6606

31.57.243.64:7707

31.57.243.64:8808

Mutex

LpF3ngSX2CvP

Attributes
  • delay

    3

  • install

    true

  • install_file

    lasjiiziopjwe.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ProximaCLient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

