General
-
Target
6cdd270a2bad95c8a063a9fe876f6c454f2b5219164c476e2bf94350ab050618
-
Size
73KB
-
MD5
75e679528300f0eec2aab97faf87a0b1
-
SHA1
5f5e310edf9b08693a31003a91071b5b4b7bfd39
-
SHA256
6cdd270a2bad95c8a063a9fe876f6c454f2b5219164c476e2bf94350ab050618
-
SHA512
7b051d593aa6c20ec50018c56f834388345f025c2e5257cd0c887aeb15f6e6302e57c91b3009ae65a5456aef3c338a5603bda45240eaa325e7636475fe01d935
-
SSDEEP
768:btF3S1PK+iPDVwir9JSIEZvkYIuu7tkA1+BSrv7mqb2nyHpwH1oQWM4Vp8GX90P7:BkKhJ2ZsYCnn/bb5weMrGX90+t3VclN
Score
10/10
Malware Config
Extracted
Family
asyncrat
Version
1.0.7
Botnet
Default
Mutex
DcRatMutex_qwqdanchun
Attributes
-
delay
3
-
install
true
-
install_file
MicrosoftEdgeUpdate.exe
-
install_folder
%AppData%
-
pastebin_config
https://pastebin.com/raw/ZnhxAV6a
aes.plain
Signatures
-
Async RAT payload 1 IoCs
-
Asyncrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
6cdd270a2bad95c8a063a9fe876f6c454f2b5219164c476e2bf94350ab050618
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections