asyncrat | 3693114744003b6641e3c767518e47da[.]bin

General

Target

3693114744003b6641e3c767518e47da.bin
Size

23KB
MD5

b634d0eb7dbc7e8bdc7a32f39633e146
SHA1

3643b5fda2a932bb5a2a42e41341648d63b8e3b7
SHA256

55a6dff872fcf085ac8d89d4b09424431dc57872c307f47707c33955ee2997de
SHA512

306b6a918b94d4566c9c2422d220c14bc37b60e7e578a0978f680fe9880a8df32fe9cc531afe62f813acafc170fb16f69532a049addf7610a79b036e45e62f88
SSDEEP

384:ie0/xqB7yFoDF02S/Y15R2M6EIjb7++bTEEFikmdtl6rcSmE6H85va:i1/xWVR//cM6EK7+yPFRWtok85va

Score

10^/10

rat default asyncrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6D

Botnet

Default

C2

seznam.zapto.org:6606

seznam.zapto.org:7707

seznam.zapto.org:8808

milla11.publicvm.com:6606

milla11.publicvm.com:7707

milla11.publicvm.com:8808

Mutex

trffisyuiifgqcpeof

Attributes

delay
5
install
true
install_file
explorere.exe
install_folder
%AppData%

aes.plain

Signatures

Async RAT payload 1 IoCs

rat

Processes:

resource	yara_rule
static1/unpack001/9bbd2c016eefb9e2edab3e8202e8a848bebac36f1565b596c54a0c3278a182dc.exe	asyncrat

Asyncrat family
asyncrat

Files

3693114744003b6641e3c767518e47da.bin
.zip

Password: infected
9bbd2c016eefb9e2edab3e8202e8a848bebac36f1565b596c54a0c3278a182dc.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: infected

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 42KB - Virtual size: 41KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 12B