asyncrat | bbe6a07c0b5936756f48bf6c7e69039793ccf890dfecc4614302990fffbc64c6

General

Target

bbe6a07c0b5936756f48bf6c7e69039793ccf890dfecc4614302990fffbc64c6
Size

346KB
MD5

856a02313fd8735318ef115a247fe7c7
SHA1

42d674e3ba35f85f8a84a41e5ee2e156d7fd4134
SHA256

bbe6a07c0b5936756f48bf6c7e69039793ccf890dfecc4614302990fffbc64c6
SHA512

24930aa8525ca57b12280632eff86ae8256a1850bc554f1316b1cefe782ee2b64fa865548093c3bd7d8edc32de2e71b75a2c7ce4ce1249587473908bc6f020e1
SSDEEP

3072:dUxcx4GfSPMVm4L4H1btOQEbk5vcGowxKxtPMIpRloJlLlJ+83mZrvLfz/l7D/vX:d5fSPMVSVbYdtvLxa+0

Score

10^/10

rat default asyncrat

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

192.168.178.114:1024

Mutex

ivdtxvnogbessqwuj

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Signatures

Async RAT payload 1 IoCs

rat

resource	yara_rule
sample	asyncrat

Asyncrat family
asyncrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbe6a07c0b5936756f48bf6c7e69039793ccf890dfecc4614302990fffbc64c6

Files

bbe6a07c0b5936756f48bf6c7e69039793ccf890dfecc4614302990fffbc64c6
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 69KB - Virtual size: 69KB

.rsrc Size: 276KB - Virtual size: 275KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 276KB - Virtual size: 275KB

.reloc
Size: 512B - Virtual size: 12B