Overview

overview

10

Static

static

3

33.exe

windows10-1703-x64

10

33.exe

windows7-x64

10

33.exe

windows10-2004-x64

10

33.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    33.exe

  • Size

    682KB

  • Sample

    240719-2gl17stcpl

  • MD5

    244173193de97b401b0f5391d71a6491

  • SHA1

    d46357579f69a5db84a6ea93e777ae6a5b136c53

  • SHA256

    0b5e7cdc5d5290f43799f61ef80cc36d163b3eed96480f77fd805d2cc34d44c8

  • SHA512

    57fa5541eeca2515e6220cf38cb038323dc78b3f51a7981052a947359dee71a1fbddb4480cb128d513428e977a322fdfe48394996b9a46c0bddb14bcd0cd5ee7

  • SSDEEP

    12288:Th1Lk70TnvjcWl93+2kBcRP+EjPrJ4wvu5b0Ye:Pk70TrcWv3+h6QE/jG50Ye

Score
10/10
asyncratrat

Malware Config

Targets

    • Target

      33.exe

    • Size

      682KB

    • MD5

      244173193de97b401b0f5391d71a6491

    • SHA1

      d46357579f69a5db84a6ea93e777ae6a5b136c53

    • SHA256

      0b5e7cdc5d5290f43799f61ef80cc36d163b3eed96480f77fd805d2cc34d44c8

    • SHA512

      57fa5541eeca2515e6220cf38cb038323dc78b3f51a7981052a947359dee71a1fbddb4480cb128d513428e977a322fdfe48394996b9a46c0bddb14bcd0cd5ee7

    • SSDEEP

      12288:Th1Lk70TnvjcWl93+2kBcRP+EjPrJ4wvu5b0Ye:Pk70TrcWv3+h6QE/jG50Ye

    Score
    10/10
    asyncratrat

    • AsyncRat

      AsyncRAT is designed to remotely monitor and control other computers written in C#.

      ratasyncrat

    • Async RAT payload

      rat

    • .NET Reactor proctector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks