asyncrat | 671c2b036deed4e63f32adb4834fc6b2d9479d04a64025fa0245e6797add02e6 | Triage

Analysis

max time kernel
134s
max time network
137s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
08/10/2024, 15:36 UTC

Sharing

Report Analysis Logs

General

Target

Stub/Stub.exe
Size

60KB
MD5

fd7b1162b84b0add4146e3bc0d13b7dd
SHA1

1fb46807f499267832aa444e12c403df880855bb
SHA256

972c912943000017fe92e563d4b7a5147f15825718edcb17307af79f85ac5f10
SHA512

6f5ff1aff1c899f9ae48cd177fd1bb277b2b9a7395858de1077392c293a4c68307d55d84a7c9968342da5a1296e720b00d8cd6f42b5faa11b7c643260eac300d
SSDEEP

768:NRgZXw8fNxs48AZYfEq586BHPcxLwM5QXWaRcW1Uo4blGNjj6MpqKYhY7:NR7586vcx35QXWaRB1UqiMpqKmY7

Score

10^/10

asyncrat rat

Malware Config

Signatures

AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
rat asyncrat

C:\Users\Admin\AppData\Local\Temp\Stub\Stub.exe
"C:\Users\Admin\AppData\Local\Temp\Stub\Stub.exe"
1⤵
PID:236

Network

DNS

147.190.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.190.18.2.in-addr.arpa

IN PTR

Response

147.190.18.2.in-addr.arpa

IN PTR

a2-18-190-147deploystaticakamaitechnologiescom
DNS

48.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.229.111.52.in-addr.arpa

IN PTR

Response
DNS

195.201.50.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.201.50.20.in-addr.arpa

IN PTR

Response
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR

Response

83.210.23.2.in-addr.arpa

IN PTR

a2-23-210-83deploystaticakamaitechnologiescom

52.111.243.31:443

322 B
7

8.8.8.8:53

147.190.18.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

147.190.18.2.in-addr.arpa
8.8.8.8:53

48.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

48.229.111.52.in-addr.arpa
8.8.8.8:53

195.201.50.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

195.201.50.20.in-addr.arpa
8.8.8.8:53

83.210.23.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

83.210.23.2.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/236-1-0x00007FF8BC563000-0x00007FF8BC564000-memory.dmp

Filesize
4KB

Download
memory/236-0-0x0000000000310000-0x0000000000324000-memory.dmp

Filesize
80KB

Download