Overview

overview

10

Static

static

2321e61211...b3.exe

windows7-x64

10

2321e61211...b3.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    29-01-2023 21:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2321e6121108c2c427c0d236a5ea17d465707bff97847348dec228cf3c7ecbb3.exe

  • Size

    220KB

  • MD5

    8afecee6d857a6f8e151398c74f8f708

  • SHA1

    4dac0b780280868f6da4f034895f24c75928990c

  • SHA256

    2321e6121108c2c427c0d236a5ea17d465707bff97847348dec228cf3c7ecbb3

  • SHA512

    ffa93ba73de044c37024a47a5890c7c7e5a68ebe038f5d7778128ac95f1061036323b65b64670bc7fc4ca87a4405a5e088d537e93bc42c1a4bfa69eb02ffefbb

  • SSDEEP

    6144:rDIHJwYSGAs17e//miPQ2Hy8OXEeOOY/oTAe+:rDI/X7e/uiPQ2SVlOTWAe+

Score
10/10
asyncratdefaultrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

127.0.0.1:6606

127.0.0.1:7707

127.0.0.1:8808
Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Async RAT payload 1 IoCs
    rat

Processes

  • C:\Users\Admin\AppData\Local\Temp\2321e6121108c2c427c0d236a5ea17d465707bff97847348dec228cf3c7ecbb3.exe
    "C:\Users\Admin\AppData\Local\Temp\2321e6121108c2c427c0d236a5ea17d465707bff97847348dec228cf3c7ecbb3.exe"
    1⤵
      PID:828

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/828-54-0x0000000001170000-0x000000000117E000-memory.dmp
      Filesize

      56KB

      Download
    • memory/828-55-0x0000000000220000-0x0000000000232000-memory.dmp
      Filesize

      72KB

      Download