asyncrat | 49d69c50a7bfb5f2ae1b5c61af6c0ef870f08143a5548cb187e92461126c4147 | Triage

Submit
Reports

Overview

overview

Static

static

be96aa77ab...50.exe

windows7_x64

be96aa77ab...50.exe

windows10_x64

Sharing

General

Target

be96aa77ab7f76401001197bdb7d3e50
Size

950KB
Sample

211116-r2e4aaeca8
MD5

be96aa77ab7f76401001197bdb7d3e50
SHA1

1ef001ed0dfb0b2ca4b14775db3a9176cc4f9937
SHA256

49d69c50a7bfb5f2ae1b5c61af6c0ef870f08143a5548cb187e92461126c4147
SHA512

7ad1a3b65b13c2c708a568c7c2de91fc6960d80f7e7b77e26b4429a9c17e31baecdf0fe6d23a325cd7b2c4a613dbef3d7348409f8aba23ff6eeb7ddecc8a91eb

Score

10^/10

asyncrat default agilenet rat

Static task

static1

Behavioral task

behavioral1

Sample

be96aa77ab7f76401001197bdb7d3e50.exe

Resource

win7-en-20211104

asyncrat default agilenet rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

be96aa77ab7f76401001197bdb7d3e50.exe

Resource

win10-en-20211104

asyncrat default agilenet rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

202.55.133.118:5200

Mutex

DcRatMutex_qwqdanchun

Attributes

anti_vm
false
bsod
false
delay
1
install
false
install_folder
%AppData%
pastebin_config
null

aes.plain

Targets

- Target
  
  be96aa77ab7f76401001197bdb7d3e50
- Size
  
  950KB
- MD5
  
  be96aa77ab7f76401001197bdb7d3e50
- SHA1
  
  1ef001ed0dfb0b2ca4b14775db3a9176cc4f9937
- SHA256
  
  49d69c50a7bfb5f2ae1b5c61af6c0ef870f08143a5548cb187e92461126c4147
- SHA512
  
  7ad1a3b65b13c2c708a568c7c2de91fc6960d80f7e7b77e26b4429a9c17e31baecdf0fe6d23a325cd7b2c4a613dbef3d7348409f8aba23ff6eeb7ddecc8a91eb
Score

10^/10

asyncrat default agilenet rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratdefaultagilenetrat

behavioral2

asyncratdefaultagilenetrat

© 2018-2024

Terms | Privacy