Overview

overview

10

Static

static

10

COMPILED.zip

windows7-x64

1

COMPILED.zip

windows10-2004-x64

1

AsyncRAT/AsyncRAT.exe

windows7-x64

1

AsyncRAT/AsyncRAT.exe

windows10-2004-x64

1

AsyncRAT/A...xe.xml

windows7-x64

1

AsyncRAT/A...xe.xml

windows10-2004-x64

1

AsyncRAT/P...at.dll

windows7-x64

1

AsyncRAT/P...at.dll

windows10-2004-x64

1

AsyncRAT/P...ra.dll

windows7-x64

1

AsyncRAT/P...ra.dll

windows10-2004-x64

1

AsyncRAT/P...er.dll

windows7-x64

1

AsyncRAT/P...er.dll

windows10-2004-x64

1

AsyncRAT/P...er.dll

windows7-x64

1

AsyncRAT/P...er.dll

windows10-2004-x64

1

AsyncRAT/P...er.dll

windows7-x64

1

AsyncRAT/P...er.dll

windows10-2004-x64

1

AsyncRAT/P...us.dll

windows7-x64

1

AsyncRAT/P...us.dll

windows10-2004-x64

1

AsyncRAT/P...ns.dll

windows7-x64

1

AsyncRAT/P...ns.dll

windows10-2004-x64

1

AsyncRAT/P...er.dll

windows7-x64

1

AsyncRAT/P...er.dll

windows10-2004-x64

1

AsyncRAT/P...ry.dll

windows7-x64

1

AsyncRAT/P...ry.dll

windows10-2004-x64

1

AsyncRAT/P...ra.dll

windows7-x64

1

AsyncRAT/P...ra.dll

windows10-2004-x64

1

AsyncRAT/P...op.dll

windows7-x64

1

AsyncRAT/P...op.dll

windows10-2004-x64

AsyncRAT/P...le.dll

windows7-x64

1

AsyncRAT/P...le.dll

windows10-2004-x64

1

AsyncRAT/P...ry.dll

windows7-x64

1

AsyncRAT/P...ry.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-04-2024 16:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AsyncRAT/AsyncRAT.exe

  • Size

    6.4MB

  • MD5

    97a429c4b6a2cb95ece0ddb24c3c2152

  • SHA1

    6fcc26793dd474c0c7113b3360ff29240d9a9020

  • SHA256

    06899071233d61009a64c726a4523aa13d81c2517a0486cc99ac5931837008e5

  • SHA512

    524a63f39e472bd052a258a313ff4f2005041b31f11da4774d3d97f72773f3edb40df316fa9cc2a0f51ea5d8ac404cfdd486bab6718bae60f0d860e98e533f89

  • SSDEEP

    98304:+bPmDVa3VxobFwUN5xXhAqin1MNuSZTKA0t9FFPEG6xJJ33Je2PsBpCz6Ry:+7aIXUN5htin2bk9fcPHJDE7Cz60

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 27 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AsyncRAT\AsyncRAT.exe
    "C:\Users\Admin\AppData\Local\Temp\AsyncRAT\AsyncRAT.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:824
  • C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    1⤵
      PID:2660
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4076 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
      1⤵
        PID:4844

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/824-0-0x00007FFE6DE90000-0x00007FFE6E951000-memory.dmp

        Filesize

        10.8MB

        Download

      • memory/824-1-0x000002AE5F370000-0x000002AE5F9DA000-memory.dmp

        Filesize

        6.4MB

        Download

      • memory/824-2-0x000002AE79F70000-0x000002AE79F80000-memory.dmp

        Filesize

        64KB

        Download

      • memory/824-4-0x000002AE79FF0000-0x000002AE7A242000-memory.dmp

        Filesize

        2.3MB

        Download

      • memory/824-5-0x000002AE79F70000-0x000002AE79F80000-memory.dmp

        Filesize

        64KB

        Download

      • memory/824-6-0x000002AE79F70000-0x000002AE79F80000-memory.dmp

        Filesize

        64KB

        Download

      • memory/824-7-0x000002AE7CB90000-0x000002AE7CB9A000-memory.dmp

        Filesize

        40KB

        Download

      • memory/824-8-0x00007FFE6DE90000-0x00007FFE6E951000-memory.dmp

        Filesize

        10.8MB

        Download

      • memory/824-9-0x000002AE7CB00000-0x000002AE7CB12000-memory.dmp

        Filesize

        72KB

        Download

      • memory/824-10-0x000002AE7D960000-0x000002AE7DBE0000-memory.dmp

        Filesize

        2.5MB

        Download

      • memory/824-11-0x000002AE79F70000-0x000002AE79F80000-memory.dmp

        Filesize

        64KB

        Download

      • memory/824-19-0x000002AE79F70000-0x000002AE79F80000-memory.dmp

        Filesize

        64KB

        Download

      • memory/824-20-0x000002AE79F70000-0x000002AE79F80000-memory.dmp

        Filesize

        64KB

        Download