General

  • Target

    355e1b918f31e37239791a57b5c23c8da4050d2d70433f48084b3acc643d4bf1

  • Size

    223KB

  • MD5

    3f34d42497cf41e4405ff548161c7c16

  • SHA1

    d9540e9bc34f8ed703b88c9eb583dc21967ba4eb

  • SHA256

    355e1b918f31e37239791a57b5c23c8da4050d2d70433f48084b3acc643d4bf1

  • SHA512

    5e5088e0148049a2a017f46c27ced0993723e3aa7eba5c81530e88f4ec7111268d1423c63778ca7e41bd7563fe9f4d970be6dc5a42fe88031e8428cbd65d22f8

  • SSDEEP

    6144:WhjMLDRwQuNMXbreFdokb35bwszGqlLZ7XSe:SGcSqlLZ7XSe

Score
10/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:8848

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 355e1b918f31e37239791a57b5c23c8da4050d2d70433f48084b3acc643d4bf1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

