Behavioral task: behavioral1
Sample: SecuriteInfo.com.BackDoor.AsyncRATNET.2.1523.14542.exe
Resource: win7-20240903-en
General
- Target: SecuriteInfo.com.BackDoor.AsyncRATNET.2.1523.14542.exe
- Size: 161KB
- MD5: 34684ddf1deaabe5f923e130dba8c260
- SHA1: 2ff5d93584caf5c51510598a817d87e2102608a8
- SHA256: 61e53470ede2379e70259853cb6b4727cb5bf519dfff5ed643f22eb9b81c12cd
- SHA512: 6643b4eda344c6a2009708cabf2911fbd61b1b2e7de271e12f66a6243fb7307e06fda0bcb0b0914f8e4345e648eede427fa3bd521d309e6eac74301c72e45b75
- SSDEEP: 3072:wJwPUfRrKZWz9N4ZbZejgvBTMTo1mkf6tez:weUfIW4Zb0jgvBTMmz
Malware Config
Signatures
- Asyncrat family
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes:
resource SecuriteInfo.com.BackDoor.AsyncRATNET.2.1523.14542.exe
Files
- SecuriteInfo.com.BackDoor.AsyncRATNET.2.1523.14542.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 157KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ