asyncrat | 9BBD2C016EEFB9E2EDAB3E8202E8A848BEBAC36F1565B[.]exe

General

Target

9BBD2C016EEFB9E2EDAB3E8202E8A848BEBAC36F1565B.exe
Size

47KB
MD5

3693114744003b6641e3c767518e47da
SHA1

22df3884394cedffe035dfd1e73d2969468ec793
SHA256

9bbd2c016eefb9e2edab3e8202e8a848bebac36f1565b596c54a0c3278a182dc
SHA512

eb278143a1fa490d497d9869b50697a51d562504d0ee50f45a0fcb95654bc2a1b4534757ec7e3f8edd8a92742ef3855d91e5318b64cc0fb1b925f9d07d268836
SSDEEP

768:0oFKMJMj5I4G3y/NlIR2qeYhQjCY7jbzgr3irE5a4g1fVMjrClZZ2tYcFmVc6K:0oFKMJezqzhMvbsrSX38urZKmVcl

Score

10^/10

rat default asyncrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6D

Botnet

Default

C2

seznam.zapto.org:6606

seznam.zapto.org:7707

seznam.zapto.org:8808

milla11.publicvm.com:6606

milla11.publicvm.com:7707

milla11.publicvm.com:8808

Mutex

trffisyuiifgqcpeof

Attributes

delay
5
install
true
install_file
explorere.exe
install_folder
%AppData%

aes.plain

Signatures

Async RAT payload 1 IoCs

rat

resource	yara_rule
sample	asyncrat

Asyncrat family
asyncrat

Files

9BBD2C016EEFB9E2EDAB3E8202E8A848BEBAC36F1565B.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 42KB - Virtual size: 41KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 12B