General
-
Target
b1f2068201c29f3b00aeedc0911498043d7c204a860ca16b3fef47fc19fc2b22.exe
-
Size
10.9MB
-
Sample
240629-q62x6syeqg
-
MD5
2b0d0f3cb0a66cf1e42db5890dc346fc
-
SHA1
da018fd72acabb1c5e9d1741f1cab7a281bdb25a
-
SHA256
b1f2068201c29f3b00aeedc0911498043d7c204a860ca16b3fef47fc19fc2b22
-
SHA512
571eb38108027baba47f0b32ba1a3a6eac31248718c16778efc78907bcdb26d3e492cf14d5f8d70ca0cc07caca509ff2a52d610ca6302754f6b3c706ceeaa1f0
-
SSDEEP
196608:ZvNJm3AqJ8Ef+r9onJ5hrZEK3e9tGPqK5N0wTbcKCaoL38ss65G:R/m3p2E+r9c5hlEK/PN8w3cbvMsW
Behavioral task
behavioral1
Sample
b1f2068201c29f3b00aeedc0911498043d7c204a860ca16b3fef47fc19fc2b22.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
b1f2068201c29f3b00aeedc0911498043d7c204a860ca16b3fef47fc19fc2b22.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
asyncrat
| Edit by Vinom Rat
2026
newws.eu:2005
AsyncMutex_ruiewDFG4
-
delay
3
-
install
false
-
install_file
zz.exe
-
install_folder
%AppData%
Targets
-
-
Target
b1f2068201c29f3b00aeedc0911498043d7c204a860ca16b3fef47fc19fc2b22.exe
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-