General

  • Target

    ed4a428097f81c833fdaed01351f6cfc.bin

  • Size

    47KB

  • MD5

    ed4a428097f81c833fdaed01351f6cfc

  • SHA1

    193e52876a1141a19ad28ee26e02f11c16de620e

  • SHA256

    8e7132aba1986c7e3921e7a33e7bb23544258573f8bebf7677e329b6d5251f84

  • SHA512

    232aa009b13653772361b69ab0c19c2b6a5d5312993f17ad1ceb2bab3aeaaeed195bb82f8a20e39d3fa2a2ecf70c9de4bb325a2b6a715d7686fe04252b3968ee

  • SSDEEP

    768:bM1TILIe8E+0YiJtelDSN+iV08Ybyge4evEgK/JPZVc6KN:bMrWRJtKDs4zb1jenkJPZVclN

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

nabeellasdfasdf-52048.portmap.host:52048

Mutex

DcRatMutex_qwqdanchun

Attributes
  • delay

    1

  • install

    false

  • install_file

    NABZONTOPP.exe

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ed4a428097f81c833fdaed01351f6cfc.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

