Overview

overview

10

Static

static

10

Anarchy RA...ed.zip

windows10-2004-x64

1

Anarchy.exe

windows10-2004-x64

10

Anarchy.exe.xml

windows10-2004-x64

5

Plugins/0g...oG.dll

windows10-2004-x64

1

Plugins/59...uJ.dll

windows10-2004-x64

1

Plugins/9O...Pn.exe

windows10-2004-x64

10

Plugins/EV...LC.dll

windows10-2004-x64

1

Plugins/FBSyChwp.dll

windows10-2004-x64

1

Plugins/G3...uZ.dll

windows10-2004-x64

1

Plugins/K8...WP.dll

windows10-2004-x64

1

Plugins/KN...Hs.dll

windows10-2004-x64

1

Plugins/PK...TS.dll

windows10-2004-x64

1

Plugins/Recovery.dll

windows10-2004-x64

1

Plugins/Rs...xj.dll

windows10-2004-x64

1

Plugins/Wk...pi.dll

windows10-2004-x64

1

Plugins/fzAgyDYa.dll

windows10-2004-x64

1

Plugins/mM...GA.dll

windows10-2004-x64

1

Plugins/ma...EC.dll

windows10-2004-x64

1

Plugins/oYsKwDG.dll

windows10-2004-x64

1

Plugins/sJ...zK.dll

windows10-2004-x64

1

Plugins/yL...2P.dll

windows10-2004-x64

1

Plugins/zV...LS.dll

windows10-2004-x64

1

Stub/Stub.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    206s
  • max time network
    205s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-02-2023 07:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Stub/Stub.exe

  • Size

    60KB

  • MD5

    fd7b1162b84b0add4146e3bc0d13b7dd

  • SHA1

    1fb46807f499267832aa444e12c403df880855bb

  • SHA256

    972c912943000017fe92e563d4b7a5147f15825718edcb17307af79f85ac5f10

  • SHA512

    6f5ff1aff1c899f9ae48cd177fd1bb277b2b9a7395858de1077392c293a4c68307d55d84a7c9968342da5a1296e720b00d8cd6f42b5faa11b7c643260eac300d

  • SSDEEP

    768:NRgZXw8fNxs48AZYfEq586BHPcxLwM5QXWaRcW1Uo4blGNjj6MpqKYhY7:NR7586vcx35QXWaRB1UqiMpqKmY7

Score
10/10
asyncratrat

Malware Config

Signatures

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers.

    ratasyncrat
  • Async RAT payload 1 IoCs
    rat
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Stub\Stub.exe
    "C:\Users\Admin\AppData\Local\Temp\Stub\Stub.exe"
    1⤵
      PID:4804
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 4804 -s 728
        2⤵
        • Program crash
        PID:2140
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 428 -p 4804 -ip 4804
      1⤵
        PID:1964

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4804-132-0x0000000000110000-0x0000000000124000-memory.dmp

        Filesize

        80KB

        Download

      • memory/4804-133-0x00007FFC144C0000-0x00007FFC14F81000-memory.dmp

        Filesize

        10.8MB

        Download

      • memory/4804-134-0x00007FFC144C0000-0x00007FFC14F81000-memory.dmp

        Filesize

        10.8MB

        Download