asyncrat | 50b886a5ba9ff8d8720f9960c1ac52c992bc0e2ccf11ba2ab955a2a783753613 | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
29-12-2024 22:02

Sharing

Report Analysis Logs

General

Target

Blasted.exe
Size

48KB
MD5

61e4a40a2bac67d5607088402fe659a4
SHA1

a2ee09184983f1f5c4d28bd3001ce8e48afc46bc
SHA256

50b886a5ba9ff8d8720f9960c1ac52c992bc0e2ccf11ba2ab955a2a783753613
SHA512

dad9337d06a8d7ab608ab6c77bb00ffed9bd969f5ebbd0e37ad5ca88ca4b5e84b4b197a9f7fb7f171a510500de4dccdd03d45f634ffe757de0a9ce0d80577a66
SSDEEP

768:YUK0ILGCqb+DiP8Pixz9ihiW0zNYbCgeTXRePjD/wreBvEgK/JLZVc6KN:YUpTiSE50zWblqePPznkJLZVclN

Score

10^/10

asyncrat default rat

Malware Config

Extracted

Family

asyncrat

Version

1.0.7

Botnet

Default

C2

127.0.0.1:9567

127.0.0.1:52581

annual-bone.gl.at.ply.gg:9567

annual-bone.gl.at.ply.gg:52581

Mutex

DcRatMutex_qwqdanchun

Attributes

delay
1
install
true
install_file
sys.exe
install_folder
%AppData%

aes.plain

Signatures

AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
rat asyncrat
Asyncrat family
asyncrat

C:\Users\Admin\AppData\Local\Temp\Blasted.exe
"C:\Users\Admin\AppData\Local\Temp\Blasted.exe"
1⤵
PID:2112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2112-0-0x000007FEF6623000-0x000007FEF6624000-memory.dmp

Filesize
4KB

Download
memory/2112-1-0x0000000000DD0000-0x0000000000DE2000-memory.dmp

Filesize
72KB

Download
memory/2112-2-0x000007FEF6620000-0x000007FEF700C000-memory.dmp

Filesize
9.9MB

Download
memory/2112-3-0x000007FEF6620000-0x000007FEF700C000-memory.dmp

Filesize
9.9MB

Download