General

  • Target

    Zeiman_Async_Rat.exe

  • Size

    47KB

  • MD5

    d42e10d1d1113eb757e62e5dca8097c6

  • SHA1

    36acda8ba0c3dd5304145ecee82188c0b3876674

  • SHA256

    0afc70c89d0100058f5afc1ae2b86d0536cda42a2f0d6869c62c5c3cc58c152a

  • SHA512

    d1c987bd82960ba51bddfddb2fd359b2c07bc590c6186a781ce808c3bfde9abbca396d4e47e076518a3a5f274ef163eb706a2480e88aeb860adb61a8d232abda

  • SSDEEP

    768:aukzVT0kLd3WULgPdVmo2qDtIU42AJPI9yhj/i9bDA6a86/wdUKDJgpWbunIwBDY:aukzVT0Mq1209IhTGbDAU6YyQJgEynIJ

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

223.ip.ply.gg:51246

223.ip.ply.gg:45542

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    true

  • install_file

    Update.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Zeiman_Async_Rat.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

