asyncrat | b27f6eb1dc90fc2f6812ec6f72ce1d02cd73278530d74d54eeb4b3b24d32d8b5

Analysis

max time kernel
113s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
30-11-2022 14:58

Target

b27f6eb1dc90fc2f6812ec6f72ce1d02cd73278530d74d54eeb4b3b24d32d8b5.exe
Size

42KB
MD5

f2008bffad5ccf9cd33e507aa09115e6
SHA1

9263848ea90eedf58a90ba16a4ef13e0e5a8f33d
SHA256

b27f6eb1dc90fc2f6812ec6f72ce1d02cd73278530d74d54eeb4b3b24d32d8b5
SHA512

b9aaaf9ef49938fcc1633f53e6ee6a5a3317acfa852f5eafb673239c4df0421ed355d574132663530939da180928dcc80e2b7e53c4e9395b66660d31f92979fb
SSDEEP

768:J1zdC9wQCSVsjYj4rJbsfE6CqLw4B4oqYaoCujbfLP1rB:fcVVsjYUrJbHp54B4oqECCbfLdl

Score

10^/10

asyncrat rat

AsyncRat
AsyncRAT is designed to remotely monitor and control other computers.
rat asyncrat
Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4900 3996 WerFault.exe b27f6eb1dc90fc2f6812ec6f72ce1d02cd73278530d74d54eeb4b3b24d32d8b5.exe

pid	pid_target	process	target process
4900	3996	WerFault.exe	b27f6eb1dc90fc2f6812ec6f72ce1d02cd73278530d74d54eeb4b3b24d32d8b5.exe

C:\Users\Admin\AppData\Local\Temp\b27f6eb1dc90fc2f6812ec6f72ce1d02cd73278530d74d54eeb4b3b24d32d8b5.exe
"C:\Users\Admin\AppData\Local\Temp\b27f6eb1dc90fc2f6812ec6f72ce1d02cd73278530d74d54eeb4b3b24d32d8b5.exe"
1⤵
PID:3996

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 3996 -s 772
2⤵
- Program crash
PID:4900

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 376 -p 3996 -ip 3996
1⤵
PID:4652

memory/3996-132-0x0000000000320000-0x0000000000330000-memory.dmp

Filesize
64KB

Download
memory/3996-133-0x00007FFBC8BD0000-0x00007FFBC9691000-memory.dmp

Filesize
10.8MB

Download
memory/3996-134-0x00007FFBC8BD0000-0x00007FFBC9691000-memory.dmp

Filesize
10.8MB

Download
memory/3996-135-0x00007FFBC8BD0000-0x00007FFBC9691000-memory.dmp

Filesize
10.8MB

Download