{
	"id": "c8cad267-c565-42b5-8f21-ecdb168038d0",
	"created_at": "2026-04-06T01:30:44.837032Z",
	"updated_at": "2026-04-10T03:21:45.098648Z",
	"deleted_at": null,
	"sha1_hash": "952a096f574cbde426303fe0389bcd9a47332dc6",
	"title": "Tutorials/asyncrat_config_parser at master · jeFF0Falltrades/Tutorials",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 39692,
	"plain_text": "Tutorials/asyncrat_config_parser at master ·\r\njeFF0Falltrades/Tutorials\r\nBy jeFF0Falltrades\r\nArchived: 2026-04-06 01:00:43 UTC\r\nThis repository and its accompanying video are still very valuable for those learning malware analysis and tool\r\nautomation, but the Rat King parser is considered more stable for production use.\r\npip install -r requirements.txt\r\nusage: asyncrat_config_parser.py [-h] [-d] file_paths [file_paths ...]\r\npositional arguments:\r\n file_paths One or more AsyncRAT payload file paths (deobfuscated)\r\noptional arguments:\r\n -h, --help show this help message and exit\r\n -d, --debug Enable debug logging\r\n$ python3 asyncrat_config_parser.py ReverseMe.exe | python -m json.tool\r\n{\r\n \"aes_key\": \"40766aef6f9d6980c001babeef7020446eff2ef31cf910cab59d5429d7a89c37\",\r\n \"aes_salt\": \"bfeb1e56fbcd973bb219022430a57843003d5644d21e62b9d4f180e7e6c33941\",\r\n \"config\": {\r\n \"Anti\": \"false\",\r\n \"BDOS\": \"false\",\r\n \"Certificate\": \"MIIE8jCCAtqgAwIBAgIQAMe2UpmBbjqdMItW7xySBzANBgkqhkiG9w0BAQ0FADAaMRgwFgYDVQQDDA9Bc3luY1JB\r\n \"Delay\": \"3\",\r\n \"Group\": \"Default\",\r\n \"Hosts\": \"test.me.com\",\r\n \"Install\": \"false\",\r\n \"InstallFile\": \"\",\r\n \"InstallFolder\": \"%AppData%\",\r\n \"Key\": \"N3UwelhLaE5BaTE5Z3piMFEwMFZlWHI2Z01Nc3dPOWM=\",\r\n \"MTX\": \"AsyncMutex_6SI8OkPnk\",\r\n \"Pastebin\": \"null\",\r\n \"Ports\": \"8808,7707\",\r\n \"Serversignature\": \"ZKSsdlzb5lEwgaF35KH+qv8Ai7M74R+W9CU2NpGy4ucvLuKhDbUpJtqllJuFAk22wP6qgCQ8lvE8zy+LlVHm\r\n \"Version\": \"0.5.7B\"\r\n },\r\nhttps://github.com/jeFF0Falltrades/Tutorials/tree/master/asyncrat_config_parser\r\nPage 1 of 2\n\n\"file_path\": \"ReverseMe.exe\"\r\n}\r\nSource: https://github.com/jeFF0Falltrades/Tutorials/tree/master/asyncrat_config_parser\r\nhttps://github.com/jeFF0Falltrades/Tutorials/tree/master/asyncrat_config_parser\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://github.com/jeFF0Falltrades/Tutorials/tree/master/asyncrat_config_parser"
	],
	"report_names": [
		"asyncrat_config_parser"
	],
	"threat_actors": [],
	"ts_created_at": 1775439044,
	"ts_updated_at": 1775791305,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/952a096f574cbde426303fe0389bcd9a47332dc6.pdf",
		"text": "https://archive.orkl.eu/952a096f574cbde426303fe0389bcd9a47332dc6.txt",
		"img": "https://archive.orkl.eu/952a096f574cbde426303fe0389bcd9a47332dc6.jpg"
	}
}