asyncrat

General

Target

Valorant Loader.zip
Size

1.6MB
Sample

241231-1pxbgatlgl
MD5

43204fc2219a2021e9377cc27790b290
SHA1

70be1d3817f179f9b43a5f0d20d12bb98f145a9b
SHA256

f7af6851adae707a4b4fbbefbf94b9d8de40a4be6371678257541310e79c8d48
SHA512

0085c585bbc0a2a5f5772487c54b9dce23ad2e75dd95b9562f1ad61847fff52707113866b22e39330232cc1307f8a54ff6e4db6aac31de608ac70451c8b58448
SSDEEP

49152:tHuQtB5N0ehUA61j93NFpVWCSdNnz7VuUxNe:QQT5Ntl61j93Nlgvg

Score

10^/10

Malware Config

Extracted

Family

asyncrat

Botnet

Default

C2

127.0.0.1:3232

Attributes

delay
1
install
true
install_file
Windows.exe
install_folder
%Temp%

aes.plain

Targets

- Target
  
  Multi Loader.exe
- Size
  
  129KB
- MD5
  
  f1430fd4573b819d0d95e7060045498c
- SHA1
  
  d28c1eb1704ddcb7969eda8d30984ebe7b32944e
- SHA256
  
  9fb99e04250dcb34493e704d8afa6b3754c9db94b3f3081e25539cc0747175ae
- SHA512
  
  3b934624356f6047b9104cb19b93e1ea1396bcf9e36090659894b4fcf12bb979d58b67cb9dab0f7859e4c8fa875dfe69e289a38a2c4ab3a073af2b577240686c
- SSDEEP
  
  1536:+RRQodSJYUbdh9EEw4cYu1qZWppqKmY7:+AoYYUbdRncCZWyz
Score

10^/10

asyncrat default rat
- AsyncRat
  AsyncRAT is designed to remotely monitor and control other computers written in C#.
  rat asyncrat
- Asyncrat family
  asyncrat
- Async RAT payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1
- Target
  
  SharpDX.XInput.dll
- Size
  
  13KB
- MD5
  
  b16aaf6fa2e6432e0c342a166e98a372
- SHA1
  
  27cc51549ba116d51865ab71177b10a278a1c692
- SHA256
  
  350195201205840b38aee094bcead4c78b1661f3570a7caa5c36b86ce6d03ff3
- SHA512
  
  58ccc2bd6502b25e7973721d9e4051d8250a9882f47170f4f43c096ee550f483b9fbce4c690a35294425e559456a48054c3a541ef234894efeca8b1dfa74fc1b
- SSDEEP
  
  192:TqgXfBgFL9ssWdkVrguQg7klOjWVAyLt0y5RoID1sgPpffk6bZ3RkiuZM:TqGBcL3CjlGWp2y5RQefk6ONZ
Score

1^/10
behavioral2
- Target
  
  SharpDX.dll
- Size
  
  269KB
- MD5
  
  6c00b8be8fb6ff838c79c9de405db1f5
- SHA1
  
  faf1f8f0d2d56eb2377063906432cce29d9f1839
- SHA256
  
  518d45a5aaec84cb37e83ee2cf58c503ab6a25febb8c48b53316340c967e84bd
- SHA512
  
  e092aaa1bac82337bda113cb88a4990a9615c9cad8757af650caf1a327ada6ed83e4c6cf2b77073c028d986554b82ad16bc3e1e7a8b4466324201d8daa425ec5
- SSDEEP
  
  6144:jG9J7gpDfCvbW2HHWUwQ9N/+bydXB33XbEOERabANrG:jG37gpjCjrH2UldXJbkRa6
Score

1^/10
behavioral3
- Target
  
  Soap.dll
- Size
  
  4.0MB
- MD5
  
  12ef7ab3e301423c7cd6ed95b52360de
- SHA1
  
  17d9373706f568caef8ed8e5fb20c8c28117d171
- SHA256
  
  d89c4d3d0f45187283a2d71ff22623d0f871d59a34754065a81ea98c7a6e1fda
- SHA512
  
  00117fe6de672857250de26d88d6230d11b0f0d396b913efa42a5fa90e1272159847cec6c666a42b4ad34888776d6d891d7cfece6c10eb38b3a740083d2b57c8
- SSDEEP
  
  49152:vatQm91jfyQOO6dukFM4yGbmhevOCMM43KC9uYdPJzD4Ht3JzDubzwc:vatn1m8uYJzkHhJzSbz
Score

1^/10
behavioral4
- Target
  
  XInputChecker.dll
- Size
  
  38KB
- MD5
  
  9b705ab9fe6c65f50c0d78a68b5c7630
- SHA1
  
  9430f03234653675889a97fb485b9103881f5455
- SHA256
  
  6c25f0eb68023b20e37a689f895fe7c57eb8699985d98451771067d4d236a9db
- SHA512
  
  1745879302bf071a59daa387e83de8165e6dfdd2efd49c7184605cb8f52e1e912ee844f073db8b13cd2290b599af14231216a9fdcb6fdbd9047c59dc275178b9
- SSDEEP
  
  768:LLTNgKC5QqKOOjUhJDf5X9BGWhAGe6GvlQtYcFmVB6K:LLXqKOw6Gvl8mVBl
Score

1^/10
behavioral5