asyncrat | 7f7e5dbb3a9a8eaf64415ff8ec0ae985fb8b9d3882693231dc016f263d83f4c0 | Triage

Sharing

General

Target

7f7e5dbb3a9a8eaf64415ff8ec0ae985fb8b9d3882693231dc016f263d83f4c0
Size

544KB
MD5

3754efa33a1c67dea4497a2da1f6ca4a
SHA1

6a2aeb29f952eedc58428990983072266f3e860f
SHA256

7f7e5dbb3a9a8eaf64415ff8ec0ae985fb8b9d3882693231dc016f263d83f4c0
SHA512

b00c1bda2a2c613de403bbef4ee178482fa827d290ab4cdcd1bc50adf3be1654beaa6a448d410ea22f15e5d49bcfaea67a299845d5b0426d6d045ce4822172d6
SSDEEP

6144:x6MSLogFKzHQJHV8u5PdPTwbI4wJOrCvF2MuG4z07XMJeYes72RpZjD1c00:x6MSLogFKo72EYORL

Score

10^/10

rat asyncrat

Malware Config

Signatures

Async RAT payload 2 IoCs

Processes:

resource	yara_rule
sample	asyncrat
static1/unpack001/UD_PO_000681.exe	asyncrat

Asyncrat family
asyncrat

Files

7f7e5dbb3a9a8eaf64415ff8ec0ae985fb8b9d3882693231dc016f263d83f4c0
.iso
UD_PO_000681.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 414KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ