Overview

overview

10

Static

static

10

WinScript.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WinScript.exe

  • Size

    52KB

  • Sample

    250130-pz4mra1nez

  • MD5

    93673834f4990293d7f4f47c8923d4b8

  • SHA1

    8a74cad256706e9cee722ed4a47b680ea8791d3d

  • SHA256

    e95554214868e4bba4020036914670bfa988f5f606351c20590e5ccbbd2f7bd6

  • SHA512

    4810e1b050223fca84e71c1047f477fcb25c3715ebfda92265f54f43b0f31bbe311667e1cc48f0cf68dabbc4aae59a520ad532fd10e657e0d096857b3e2a7e51

  • SSDEEP

    768:AoGDMmILyCe++binPSNVdiCKI8YbsgeoR/0dgWUMvEgK/Jf2i++++tyVc6KN:Ao0MWSngyIzbjv0VUMnkJDyVclN

Score
10/10
asyncratpowershellrat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

PowerShell

Mutex

DCSSZZVV

Attributes
  • delay

    1

  • install

    true

  • install_file

    winws.exe

  • install_folder

    %AppData%

  • pastebin_config

    https://pastebin.com/raw/gf3CpGLZ

aes.plain

Targets

    • Target

      WinScript.exe

    • Size

      52KB

    • MD5

      93673834f4990293d7f4f47c8923d4b8

    • SHA1

      8a74cad256706e9cee722ed4a47b680ea8791d3d

    • SHA256

      e95554214868e4bba4020036914670bfa988f5f606351c20590e5ccbbd2f7bd6

    • SHA512

      4810e1b050223fca84e71c1047f477fcb25c3715ebfda92265f54f43b0f31bbe311667e1cc48f0cf68dabbc4aae59a520ad532fd10e657e0d096857b3e2a7e51

    • SSDEEP

      768:AoGDMmILyCe++binPSNVdiCKI8YbsgeoR/0dgWUMvEgK/Jf2i++++tyVc6KN:Ao0MWSngyIzbjv0VUMnkJDyVclN

    Score
    10/10
    asyncratpowershellrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Asyncrat family

      asyncrat
    behavioral1

MITRE ATT&CK Matrix

Tasks