asyncrat | b01f8abc812a17b3fe0a6dd06b9dfc2f99a153dad1a8e3e325fab7f95bf78cde

General

Target

b01f8abc812a17b3fe0a6dd06b9dfc2f99a153dad1a8e3e325fab7f95bf78cde
Size

74KB
MD5

6c9944b8a88b29b1b09f66f7e0b246a0
SHA1

d3a0a1dd2908321d2086b236d4a8411f11e6e574
SHA256

b01f8abc812a17b3fe0a6dd06b9dfc2f99a153dad1a8e3e325fab7f95bf78cde
SHA512

1d129611ec5000a841a462305649afdd6a9ea1c4ccfe790cdde2a1244c5994e349f1ad01ead0f5db4521c98efd8c0b65f16cf9459b9bb57586c227f276a34b56
SSDEEP

1536:9UHNwcxKHXwzCtmPMV2e9VdQuDI6H1bf/l8wIKQzca7VclN:9UHicxK8WmPMV2e9VdQsH1bfN8eQrxY

Score

10^/10

rat default asyncrat venomrat

Malware Config

Extracted

Family

asyncrat

Botnet

Default

Mutex

fkmfvhqhbwrdv

Attributes

delay
1
install
true
install_file
111222.exe
install_folder
%AppData%
pastebin_config
https://pastebin.com/raw/LwwcrLg4

aes.plain

Signatures

Async RAT payload 1 IoCs

rat

resource	yara_rule
sample	family_asyncrat

Asyncrat family
asyncrat

VenomRAT 1 IoCs

Detects VenomRAT.

rat

resource	yara_rule
sample	VenomRAT

Venomrat family
venomrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b01f8abc812a17b3fe0a6dd06b9dfc2f99a153dad1a8e3e325fab7f95bf78cde

Files

b01f8abc812a17b3fe0a6dd06b9dfc2f99a153dad1a8e3e325fab7f95bf78cde
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 69KB - Virtual size: 69KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 12B