asyncrat | 1719856386e096b43fb21cb60b35b1c75e594b0a5e5d9e5cf67925969c620467d3153095d7550[.]dat-decoded[.]exe

General

Target

1719856386e096b43fb21cb60b35b1c75e594b0a5e5d9e5cf67925969c620467d3153095d7550.dat-decoded.exe
Size

63KB
MD5

b2e56a7b3dd03c8000e78544f540677d
SHA1

2d47bcb12e3f27fea6f12f68aef16457260d36e7
SHA256

b193cf76307f762a9cdf61191cda685377b9a1ce2eba781647a134b5d9add7bd
SHA512

5a490d910f7f6f889a23e75fb69a6e57d100a5c5e085945d4e5fe72a7d543e6d48bf07684b0b533cc33755a1dfe7abb24e8679b840b3912d8caa10152bb744aa
SSDEEP

1536:PmImx6tX2kNff4sKu+UYFqVrjAbPAPv0FTTtWrPlTGBx:Pm9x6tmkN7Ku+UYFoAbP40Fn4d6x

Score

10^/10

rat 24 junio asyncrat

Malware Config

Extracted

Family

asyncrat

Version

| CRACKED BY https://t.me/xworm_v2

Botnet

24 JUNIO

C2

wins19junspam.duckdns.org:9003

Mutex

AsyncMutex_6SIkaPnk

Attributes

delay
3
install
false
install_folder
%AppData%

aes.plain

Signatures

Async RAT payload 1 IoCs

rat

resource	yara_rule
sample	family_asyncrat

Asyncrat family
asyncrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1719856386e096b43fb21cb60b35b1c75e594b0a5e5d9e5cf67925969c620467d3153095d7550.dat-decoded.exe

Files

1719856386e096b43fb21cb60b35b1c75e594b0a5e5d9e5cf67925969c620467d3153095d7550.dat-decoded.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 60KB - Virtual size: 59KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B