asyncrat | bb7e1270658ab3596ebf0a1a9131b6cee5e6eba57a4b7ed112a7a2993339c3ea | Triage

Submit
Reports

Overview

overview

Static

static

1

SpyMax-4.0...ll.exe

windows10-2004-x64

Sharing

General

Target

SpyMax-4.0 Cracked+Activated_install.exe
Size

104.1MB
Sample

230218-qcaxlabf71
MD5

a7e39331cdf403335cf432aa36e3d3fc
SHA1

60d5af5f01457932b061ac6fff52bd9bcfc18634
SHA256

bb7e1270658ab3596ebf0a1a9131b6cee5e6eba57a4b7ed112a7a2993339c3ea
SHA512

7b4d127ee8294ab722aa4604690bd74715069d2557fc7c70740b1d26bd32a593ef8bf5dbcaee7cd5f182e2ba1577c808615b377db98b2c83d706c04df1514ea1
SSDEEP

1572864:pUKdbtOBERw2YgkKrqSdNHpzeW4MDL908tVzYJajtOBERw6TTLjU2j+GJWvR/uTo:rd15kk4NQ908t24JvUwIo8Skd

Score

10^/10

asyncrat default rat

Static task

static1

Behavioral task

behavioral1

Sample

SpyMax-4.0 Cracked+Activated_install.exe

Resource

win10v2004-20221111-en

asyncrat default rat

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

verynice.ddns.net:8848

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
true
install_file
WindowsDefender.exe
install_folder
%Temp%

aes.plain

Targets

- Target
  
  SpyMax-4.0 Cracked+Activated_install.exe
- Size
  
  104.1MB
- MD5
  
  a7e39331cdf403335cf432aa36e3d3fc
- SHA1
  
  60d5af5f01457932b061ac6fff52bd9bcfc18634
- SHA256
  
  bb7e1270658ab3596ebf0a1a9131b6cee5e6eba57a4b7ed112a7a2993339c3ea
- SHA512
  
  7b4d127ee8294ab722aa4604690bd74715069d2557fc7c70740b1d26bd32a593ef8bf5dbcaee7cd5f182e2ba1577c808615b377db98b2c83d706c04df1514ea1
- SSDEEP
  
  1572864:pUKdbtOBERw2YgkKrqSdNHpzeW4MDL908tVzYJajtOBERw6TTLjU2j+GJWvR/uTo:rd15kk4NQ908t24JvUwIo8Skd
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers.
  rat asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

asyncratdefaultrat

© 2018-2024

Terms | Privacy