General
-
Target
Project7-Signed1.exe
-
Size
87KB
-
Sample
250128-harhkazpbs
-
MD5
1663d645dfd98ddeb2cda808bde92132
-
SHA1
470c7ee8a9db8b601bfe1b77e226ba8cddedf3f3
-
SHA256
c8125da7bb61057ae54927bfbe57d59f8c3d7a85b3ee2a67aca57cbba9e4cae9
-
SHA512
fd682199784175fe352596c29a8ca2c8d9371bdac310e2e04c131d23a8b106fb02987e76376ad36d5d8c5e733387e03eb6625fba1bc0a425cd1a00b75654c2cb
-
SSDEEP
1536:IprmwRE0hYuiIeKHJ6W3T3L+MvX+P60cGg9QcAxv7s5+7hEupWqP:IZV/YwhJ66T3L+mOP6DIPxv7x7hEuE2
Malware Config
Extracted
http://149.88.66.68/test.mp3
Extracted
asyncrat
127.0.0.1:5419
127.0.0.1:5418
127.0.0.1:13792
123.99.198.130:5419
123.99.198.130:5418
123.99.198.130:13792
-
delay
1
-
install
true
-
install_file
1.exe
-
install_folder
%AppData%
Targets
-
-
Target
Project7-Signed1.exe
-
Size
87KB
-
MD5
1663d645dfd98ddeb2cda808bde92132
-
SHA1
470c7ee8a9db8b601bfe1b77e226ba8cddedf3f3
-
SHA256
c8125da7bb61057ae54927bfbe57d59f8c3d7a85b3ee2a67aca57cbba9e4cae9
-
SHA512
fd682199784175fe352596c29a8ca2c8d9371bdac310e2e04c131d23a8b106fb02987e76376ad36d5d8c5e733387e03eb6625fba1bc0a425cd1a00b75654c2cb
-
SSDEEP
1536:IprmwRE0hYuiIeKHJ6W3T3L+MvX+P60cGg9QcAxv7s5+7hEupWqP:IZV/YwhJ66T3L+mOP6DIPxv7x7hEuE2
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
Asyncrat family
-
Async RAT payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Using powershell.exe command.
-