General
-
Target
fc1c119af2b10c067771cf36170a8b4ac28db714d14cde45a96b4807d654ded5.cmd
-
Size
82KB
-
Sample
240426-b3qy6shb25
-
MD5
0b72d9b98a14810527f555cad408e756
-
SHA1
e24969bea50bebde5905068c993324fae2470ac6
-
SHA256
fc1c119af2b10c067771cf36170a8b4ac28db714d14cde45a96b4807d654ded5
-
SHA512
acb4399d53b0b29a23ef04cfae67069a03a115a3da5af22587ba1c47193bc6bad892cdfc90818421658749c68cb90a7dd9436bc507e150dd4db835d7bccf81ce
-
SSDEEP
1536:oGr7JprjygfWS26G0KbG/9CHHJxPFg2Ta9bt3nliqnOh991geWFY4dAvGyMryXAV:oy77jwS2X0mG/9upxtg2A3nYt1vHGPTV
Malware Config
Extracted
asyncrat
Default
dcxwq1.duckdns.org:3232
-
delay
1
-
install
false
-
install_folder
%AppData%
Targets
-
-
Target
fc1c119af2b10c067771cf36170a8b4ac28db714d14cde45a96b4807d654ded5.cmd
-
Size
82KB
-
MD5
0b72d9b98a14810527f555cad408e756
-
SHA1
e24969bea50bebde5905068c993324fae2470ac6
-
SHA256
fc1c119af2b10c067771cf36170a8b4ac28db714d14cde45a96b4807d654ded5
-
SHA512
acb4399d53b0b29a23ef04cfae67069a03a115a3da5af22587ba1c47193bc6bad892cdfc90818421658749c68cb90a7dd9436bc507e150dd4db835d7bccf81ce
-
SSDEEP
1536:oGr7JprjygfWS26G0KbG/9CHHJxPFg2Ta9bt3nliqnOh991geWFY4dAvGyMryXAV:oy77jwS2X0mG/9upxtg2A3nYt1vHGPTV
Score10/10-
AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
-
Async RAT payload
-
Detects executables attemping to enumerate video devices using WMI
-
Detects executables containing the string DcRatBy
-
Detects executables packed with ConfuserEx Mod
-
Blocklisted process makes network request
-