asyncrat | e3bb74650d18fcefe9eb26f27fc72f2d68798d7f818ae40b861d9202054a544a | Triage

Submit
Reports

Overview

overview

Static

static

1798_.jpg.ps1

windows7_x64

1798_.jpg.ps1

windows10_x64

Sharing

General

Target

1798_.jpg.ps1
Size

262KB
Sample

211225-nepsesgfep
MD5

3bb7a462c0fbde3ad0466454a3b31597
SHA1

c182f5bd9c742997e336468664193edbb13f69e5
SHA256

e3bb74650d18fcefe9eb26f27fc72f2d68798d7f818ae40b861d9202054a544a
SHA512

e919dddb57d989e8fcffa79233bbc9cdfe8d62b144d84750b554fc40e324476cde72161ae61fea0926765cdd67f215c2904818d905e5fcb224353f596c88624c

Score

10^/10

asyncrat zain-work rat

Static task

static1

Behavioral task

behavioral1

Sample

1798_.jpg.ps1

Resource

win7-en-20211208

asyncrat zain-work rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1798_.jpg.ps1

Resource

win10-en-20211208

asyncrat zain-work rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

ZAIN-WORK

C2

2pop.ddns.net:6666

Mutex

AsyncMutex_6SI8OkPnk

Attributes

anti_vm
false
bsod
false
delay
3
install
false
install_folder
%AppData%
pastebin_config
null

aes.plain

Targets

- Target
  
  1798_.jpg.ps1
- Size
  
  262KB
- MD5
  
  3bb7a462c0fbde3ad0466454a3b31597
- SHA1
  
  c182f5bd9c742997e336468664193edbb13f69e5
- SHA256
  
  e3bb74650d18fcefe9eb26f27fc72f2d68798d7f818ae40b861d9202054a544a
- SHA512
  
  e919dddb57d989e8fcffa79233bbc9cdfe8d62b144d84750b554fc40e324476cde72161ae61fea0926765cdd67f215c2904818d905e5fcb224353f596c88624c
Score

10^/10

asyncrat zain-work rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

asyncratzain-workrat

behavioral2

asyncratzain-workrat

© 2018-2024

Terms | Privacy