asyncrat | 909b2111a56cde07978e6cfe5bfd258eebe96838bcde5992910dbdf81815531a | Triage

Submit
Reports

Overview

overview

Static

static

test.exe

windows10-2004-x64

Analysis

max time kernel
130s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
30-07-2024 09:21

Sharing

Static task

static1

rat default asyncrat

3 signatures

Behavioral task

behavioral1

Sample

test.exe

Resource

win10v2004-20240709-en

asyncrat default rat

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

test.exe
Size

114KB
MD5

433b38be77002ad57564a07cfe66961e
SHA1

eaae23c56870cb195e13d31af9769773a046901d
SHA256

909b2111a56cde07978e6cfe5bfd258eebe96838bcde5992910dbdf81815531a
SHA512

dde8d1010053dece6c19f7c587442e491f5df2206bbeaa05d77e2d4c9cb619fb0d9f4b37d45eabc4ae85b6c3444048cf5b433d23ee64e3cded1abf6f04b4ef0f
SSDEEP

1536:Eq+AGtQOSHQzbCeC3nkJF4cBlKJj5tvmzaal4m0VclN:dotQOSwzbCeQctBlKJvmzaK4mmY

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

chapter-thomson.gl.at.ply.gg:33483

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
false
install_folder
%AppData%

aes.plain

Signatures

AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
rat asyncrat

Processes

C:\Users\Admin\AppData\Local\Temp\test.exe
"C:\Users\Admin\AppData\Local\Temp\test.exe"
1⤵
PID:956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/956-0-0x00007FF8ED4A3000-0x00007FF8ED4A5000-memory.dmp

Filesize
8KB

Download
memory/956-1-0x00000000004A0000-0x00000000004C2000-memory.dmp

Filesize
136KB

Download
memory/956-2-0x00007FF8ED4A0000-0x00007FF8EDF61000-memory.dmp

Filesize
10.8MB

Download
memory/956-3-0x00007FF8ED4A0000-0x00007FF8EDF61000-memory.dmp

Filesize
10.8MB

Download

© 2018-2025

Terms | Privacy