Overview

overview

10

Static

static

c5bb3033ae...70.exe

windows7-x64

10

c5bb3033ae...70.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    143s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29-01-2023 21:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c5bb3033ae08f7623ca8b5c9e6fbe57be4f029f9cd7e3eba377eb46800ee4170.exe

  • Size

    221KB

  • MD5

    4a7b8f92e9dd00f6668c6646eb8d6ecf

  • SHA1

    ec6da90b2a4d417ecac8ccc91a3949d39f440f81

  • SHA256

    c5bb3033ae08f7623ca8b5c9e6fbe57be4f029f9cd7e3eba377eb46800ee4170

  • SHA512

    55bf015fbe6630e4eed9dbb02a6dbf72832d6bcb000fa68b6be32fa38610f6a262951c5f7b162fe012d33ca79569a1f985c09bedac30ddbcbe8d5effe8802961

  • SSDEEP

    3072:sEIcgC84TwaF9JYSTAMcwThs1VBbi/zeVBQrCti1Y1DyUv7PBeiLUNOuDUyx/EZx:sVOBlYSGAs17e/OQrXlDNOuAyyGAB

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808
Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Async RAT payload 1 IoCs
    rat

Processes

  • C:\Users\Admin\AppData\Local\Temp\c5bb3033ae08f7623ca8b5c9e6fbe57be4f029f9cd7e3eba377eb46800ee4170.exe
    "C:\Users\Admin\AppData\Local\Temp\c5bb3033ae08f7623ca8b5c9e6fbe57be4f029f9cd7e3eba377eb46800ee4170.exe"
    1⤵
      PID:1864

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1864-54-0x0000000000270000-0x000000000027E000-memory.dmp
      Filesize

      56KB

      Download
    • memory/1864-55-0x00000000004F0000-0x0000000000502000-memory.dmp
      Filesize

      72KB

      Download