user@threatcheck.sh ~ threat-analysis
$ analyze-threat Backdoor:MSIL/AsyncRAT.AA!MTB
Backdoor:MSIL/AsyncRAT.AA!MTB - Windows Defender threat signature analysis

$ cat analysis.txt
=== THREAT ANALYSIS REPORT ===
Threat Name: Backdoor:MSIL/AsyncRAT.AA!MTB
Classification:
Type: Backdoor
Platform: MSIL
Family: AsyncRAT
Detection Type: Concrete (known malware family with identified signatures)
Variant: AA (specific signature variant within the malware family)
Suffix: !MTB (detected via machine learning and behavioral analysis)
Detection Method: Behavioral
Confidence: Very High
False-Positive Risk: Low

Concrete signature match: Backdoor - Provides unauthorized remote access for .NET (Microsoft Intermediate Language) platform, family AsyncRAT

VDM Static Detection:
Relevant strings associated with this threat:
 - |#d1e49aac-8f56-4280-b9ba-993a6d77406c (NID)
 - }#d1e49aac-8f56-4280-b9ba-993a6d77406c (NID)
 - |#d4f940ab-401b-4efc-aadc-ad5f3c50688a (NID)
 - }#d4f940ab-401b-4efc-aadc-ad5f3c50688a (NID)
 - !#HSTR:StringCodeForMshta.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.C!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.D!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.L!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.O!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForRegsvr32.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForRundll32.A!pli (PEHSTR_EXT)
 - rundll32 (PEHSTR_EXT)
 - !#HSTR:StringCodeForBITSJobs.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForPowerShell.G!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForScheduledTask.A!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForDataEncoding.D!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.J!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForHooking.K!pli (PEHSTR_EXT)
 - !#HSTR:StringCodeForRemoteFileCopy.B!pli (PEHSTR_EXT)
 - !#HSTR:ExecutionGuardrails (PEHSTR_EXT)
Known malware which is associated with this threat:
=== END REPORT ===
This analysis was last updated on 19/12/2025.