asyncrat | 5e5d5458b8a025c2bc9a6e7998492989732967c9a1019b11d655200adf3686c7

Analysis

max time kernel
149s
max time network
119s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
22/03/2025, 06:13 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

82a9dfe7288184b982ebc2d37e82aaab.exe
Size

46KB
MD5

82a9dfe7288184b982ebc2d37e82aaab
SHA1

6c94b07674b2552693baba855829793f1c6a9aa7
SHA256

13a04802f83323cbe31ca28d606b4ec73452a506b227b8401a33882e14392f57
SHA512

50c063a2806e3013c8991f56eebf0117b1e98fed17702c2545fd04696c605702be63857571e7c27297f1c9753c85625442cb78405fe105fc01c89fab854d5e76
SSDEEP

768:jqq2PbXwE7Z2XkOicvHk3eHlWMPbPgF0qYMPwppp/UzYI6OC62tYcFmVc6K:jcwXXvZH0ub4FrYMPa3/S6OPKmVcl

Score

10^/10

asyncrat null rat

Malware Config

Extracted

Family

asyncrat

Version

0.5.6A

Botnet

null

thisismylifemimeyo-22560.portmap.host:1447

thisismylifemimeyo-22560.portmap.host:44139

Mutex

cynpbafqnccbvbm

Attributes

delay
5
install
false
install_folder
%AppData%

aes.plain

1
6tzTrqJPvP2gHWQYS4PM8f3928stYrhd

Signatures

AsyncRat
AsyncRAT is designed to remotely monitor and control other computers written in C#.
rat asyncrat
Asyncrat family
asyncrat

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1576	82a9dfe7288184b982ebc2d37e82aaab.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	1576	82a9dfe7288184b982ebc2d37e82aaab.exe

C:\Users\Admin\AppData\Local\Temp\82a9dfe7288184b982ebc2d37e82aaab.exe
"C:\Users\Admin\AppData\Local\Temp\82a9dfe7288184b982ebc2d37e82aaab.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1576

Network

DNS

thisismylifemimeyo-22560.portmap.host

82a9dfe7288184b982ebc2d37e82aaab.exe

Remote address:

8.8.8.8:53

Request

thisismylifemimeyo-22560.portmap.host

IN A

Response

No results found

8.8.8.8:53

thisismylifemimeyo-22560.portmap.host

dns

82a9dfe7288184b982ebc2d37e82aaab.exe

83 B
176 B
1
1

DNS Request

thisismylifemimeyo-22560.portmap.host

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1576-0-0x000007FEF5193000-0x000007FEF5194000-memory.dmp

Filesize
4KB

Download
memory/1576-1-0x00000000003E0000-0x00000000003F2000-memory.dmp

Filesize
72KB

Download
memory/1576-2-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

Filesize
9.9MB

Download
memory/1576-3-0x000007FEF5193000-0x000007FEF5194000-memory.dmp

Filesize
4KB

Download
memory/1576-4-0x000007FEF5190000-0x000007FEF5B7C000-memory.dmp

Filesize
9.9MB

Download