asyncrat | 69033692aa963065a38c53fb6ece8e714d7b05d700fe4b0ad1eed241956ea11c

Analysis

max time kernel
297s
max time network
121s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
14-08-2024 01:15

Target

Client.exe
Size

47KB
MD5

1789dbf375912a9855a14e4fee6534bd
SHA1

4a1d71bacdf404af065cf2ca4c32bd88307a9945
SHA256

69033692aa963065a38c53fb6ece8e714d7b05d700fe4b0ad1eed241956ea11c
SHA512

d4e39e36d59a9b68bcc2bdb2fbfeb36c14b2a4b64e09eb15d0bb0e307c5e5036b9b9b780ef1e4c61b90e661cf5c3b195795737dd24d5d8b80be040de0eeb29c5
SSDEEP

768:dCT3ILNCKi+DiBtelDSN+iV08YbygeuSeErYihti8vEgK/J9lZVc6KN:dCYmBtKDs4zb14ef0vnkJ3ZVclN

Score

10^/10

Family

asyncrat

Version

1.0.7

Botnet

Default

193.161.193.991194:8000

Mutex

DcRatMutex_qwqdanchun

Attributes

aes.plain

AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
rat asyncrat

C:\Users\Admin\AppData\Local\Temp\Client.exe
"C:\Users\Admin\AppData\Local\Temp\Client.exe"
1⤵
PID:2872

memory/2872-0-0x000007FEF5833000-0x000007FEF5834000-memory.dmp

Filesize
4KB

Download
memory/2872-1-0x0000000001110000-0x0000000001122000-memory.dmp

Filesize
72KB

Download
memory/2872-2-0x000007FEF5830000-0x000007FEF621C000-memory.dmp

Filesize
9.9MB

Download
memory/2872-3-0x000007FEF5833000-0x000007FEF5834000-memory.dmp

Filesize
4KB

Download
memory/2872-4-0x000007FEF5830000-0x000007FEF621C000-memory.dmp

Filesize
9.9MB

Download