Overview

overview

10

Static

static

a92393ed59...3f.exe

windows7_x64

10

a92393ed59...3f.exe

windows10_x64

10

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    21-01-2022 12:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a92393ed590a3d90bf8ec8f1dfa4433f.exe

  • Size

    149KB

  • MD5

    a92393ed590a3d90bf8ec8f1dfa4433f

  • SHA1

    f345aa40fe883cf3eee8626d43542e815a4aacf7

  • SHA256

    d0fef87fd7e5a7214773deef4c445970147c88d5335867b552f9d4d22ef0231b

  • SHA512

    268a682ed1d647c8b5ff8ca3e3b4ad3fdbc99a945726913e4a24295fc02d33cbb3a93e225250ce86d9bde328f9acb18a69671967c2c451f144456764ed8fe996

Score
10/10
asyncratcrax.prorat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

crax.pro

C2

137.117.100.173:443

Mutex

DEV1LMTXR

Attributes
  • anti_vm

    false

  • bsod

    true

  • delay

    1

  • install

    false

  • install_file

    RuntimeBroker.exe

  • install_folder

    %Temp%

  • pastebin_config

    null

aes.plain

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Async RAT payload 1 IoCs
    rat

Processes

  • C:\Users\Admin\AppData\Local\Temp\a92393ed590a3d90bf8ec8f1dfa4433f.exe
    "C:\Users\Admin\AppData\Local\Temp\a92393ed590a3d90bf8ec8f1dfa4433f.exe"
    1⤵
      PID:1684

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1684-55-0x0000000000A70000-0x0000000000A9C000-memory.dmp
      Filesize

      176KB

      Download
    • memory/1684-56-0x000000001C090000-0x000000001C092000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1684-57-0x00000000005B0000-0x00000000005B8000-memory.dmp
      Filesize

      32KB

      Download
    • memory/1684-58-0x0000000000630000-0x0000000000646000-memory.dmp
      Filesize

      88KB

      Download
    • memory/1684-59-0x000000001C096000-0x000000001C0B5000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1684-61-0x000000001C0B5000-0x000000001C0B6000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1684-60-0x00000000005E0000-0x00000000005FA000-memory.dmp
      Filesize

      104KB

      Download
    • memory/1684-62-0x000000001C0B8000-0x000000001C0BA000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1684-63-0x000000001C0BA000-0x000000001C0BB000-memory.dmp
      Filesize

      4KB

      Download