Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

0a0126d1c3...8f.exe

windows7-x64

10

0a0126d1c3...8f.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2022, 13:26 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0a0126d1c300eec86dcc48f7c7de178f.exe

  • Size

    45KB

  • MD5

    0a0126d1c300eec86dcc48f7c7de178f

  • SHA1

    37f40d34a7f000443a1808fa9d488854b4b60c55

  • SHA256

    a3c7da959f6fa631a57737164216c12b8b780dcafbb74911c949ac39bcd4e75e

  • SHA512

    c74cf1d9839f72ba2b3400c7a945d2871874708318693326150b8431fd7896bf824e4c3fd6f1bb32a30fcddd5f6f95e1dbcff538ecbbebbeacbdf79fa29f886b

  • SSDEEP

    768:vuwCfTg46YbWUn8jjmo2qrDKjGKG6PIyzjbFgX3i4OtMEb51XRBDZSx:vuwCfTgp/2OKYDy3bCXSrvdSx

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

127.0.0.1:6606

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain
1
bxM8UbkfKveUYIInsi8xvCw3Xftmpz3v

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Async RAT payload 1 IoCs
    rat

Processes

  • C:\Users\Admin\AppData\Local\Temp\0a0126d1c300eec86dcc48f7c7de178f.exe
    "C:\Users\Admin\AppData\Local\Temp\0a0126d1c300eec86dcc48f7c7de178f.exe"
    1⤵
      PID:1688

    Network

      No results found
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    • 127.0.0.1:6606
      0a0126d1c300eec86dcc48f7c7de178f.exe
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1688-54-0x00000000012C0000-0x00000000012D2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1688-55-0x0000000075601000-0x0000000075603000-memory.dmp

      Filesize

      8KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.