asyncrat | 0a1c34d04e1a8659462ee2be3681013c[.]bin | Triage

Sharing

General

Target

0a1c34d04e1a8659462ee2be3681013c.bin
Size

4.0MB
MD5

114b702802715ed1b787f3db7dfe5746
SHA1

eb2963ae510041ddb6d65ed118e399245dbc3e0f
SHA256

16c0ef18b2834f0d7d9457afd79e53cccb9278689c8a3ff92afd6f39238331b3
SHA512

2c43136cd666cc4589fe64ecd7d6c6fbb1c1cbe557dfecce4b41452bafc8e2bdc9cda2f30217a7a37356915beade60186f3cf283dc5208ece3746612d2682daf
SSDEEP

98304:wTq8FHEWcNq9aAY0htJKO5o3VeT2rcIU0/J6Bph2M6tOkwwvS:wPlc0e0hD5omH0/J6BpP+wwq

Score

10^/10

rat asyncrat

Malware Config

Signatures

Async RAT payload 1 IoCs

resource	yara_rule
static1/unpack001/3e5b2f7b0b3f73ced2e5aef3f1828f46aaf450cd3da9e30fb7bdef54bcd87902.exe	asyncrat

Asyncrat family
asyncrat

Files

0a1c34d04e1a8659462ee2be3681013c.bin
.zip

Password: infected
3e5b2f7b0b3f73ced2e5aef3f1828f46aaf450cd3da9e30fb7bdef54bcd87902.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10.1MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ