asyncrat | 38f7da8b2ea2cbb91886103f213a46216855957404f598f5a6c0b1b8ceddb9ba

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
10-01-2025 06:53

Target

17364916844504f65d4bfe953d71de0c5053d22d3f4e7dbfac8814436be895041288bc0bbb484.dat-decoded.exe
Size

47KB
MD5

9888013717696edaea9f43f1a088dc69
SHA1

da8c9ae68bdca8ab5b9e80d72387be08684ff3e5
SHA256

38f7da8b2ea2cbb91886103f213a46216855957404f598f5a6c0b1b8ceddb9ba
SHA512

454462a52bc0beaeb785bca8c51a37a25be9f00bff67d6322e063d5773e2d6828530accac3288f339c5fd58e0fd3a26307160dbc9942a83aaf37069084e0ac8d
SSDEEP

768:DeICljTILmCKi+DiYMNi5O8YbIgeR8YpxLvEgK/J3ZVc6KN:DeIYdmYCzbfiznkJ3ZVclN

Score

10^/10

Family

asyncrat

Version

1.0.7

Botnet

Default

testedark.writesthisblog.com:3598

Mutex

DcRatMutex_qwqdan8Yg

Attributes

aes.plain

AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
rat asyncrat
Asyncrat family
asyncrat

C:\Users\Admin\AppData\Local\Temp\17364916844504f65d4bfe953d71de0c5053d22d3f4e7dbfac8814436be895041288bc0bbb484.dat-decoded.exe
"C:\Users\Admin\AppData\Local\Temp\17364916844504f65d4bfe953d71de0c5053d22d3f4e7dbfac8814436be895041288bc0bbb484.dat-decoded.exe"
1⤵
PID:4704

memory/4704-1-0x00000000003B0000-0x00000000003C2000-memory.dmp

Filesize
72KB

Download
memory/4704-0-0x00007FF995B43000-0x00007FF995B45000-memory.dmp

Filesize
8KB

Download
memory/4704-2-0x00007FF995B40000-0x00007FF996601000-memory.dmp

Filesize
10.8MB

Download
memory/4704-3-0x00007FF995B40000-0x00007FF996601000-memory.dmp

Filesize
10.8MB

Download