asyncrat | RobloxPlayerInstaller (5)[.]exe

Resubmissions

25/06/2024, 00:41

240625-a1q1qa1bqa 10

25/06/2024, 00:33

240625-awg71szhpc 10

Sharing

Copy URL Twitter E-mail

General

Target

RobloxPlayerInstaller (5).exe
Size

176KB
MD5

b0c9e6677fecf10fc3f0ce262a1ad331
SHA1

d45c158a7685f37b0aa862c7fa898ec9cedf02c3
SHA256

bfe077d8ac72747c71c4983541bfb6b776799512b375eed68821f2e39bd175a7
SHA512

d0f53afcfdaf5732a135b2f86de15bf10a400432d65203529f326976415f0d0ab42b63b062037217dfafa456a367d043a16db67a82f8798adaf492f6d659d2ed
SSDEEP

3072:MRq9GPmn8jbK55fWgQoq/FfmDo7VHkkkkkkkkkkkkkkkkkakkRkkAjiAL+dU6VD6:voPA8jbEl5idPxHkkkkkkkkkkkkkkkkT

Score

10^/10

rat default asyncrat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

127.0.0.1:80

127.0.0.1:21434

mcdonaldsincorp-21434.portmap.host:80

mcdonaldsincorp-21434.portmap.host:21434

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
true
install_file
RobloxPlayerBeta.exe
install_folder
%AppData%

aes.plain

Signatures

Async RAT payload 1 IoCs

rat

resource	yara_rule
sample	family_asyncrat

Asyncrat family
asyncrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
RobloxPlayerInstaller (5).exe

Files

RobloxPlayerInstaller (5).exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 43KB - Virtual size: 43KB

.rsrc Size: 132KB - Virtual size: 131KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 132KB - Virtual size: 131KB

.reloc
Size: 512B - Virtual size: 12B