General
Target: New Order.exe
Size: 560KB
Sample: 201230-tap5hyxcqs
MD5: 9b6fe3e91909a29b74ea12697caa221b
SHA1: 28e016a23c1cf4a1f232ada61270a21d3d491bdd
SHA256: 1ee4689c117cd578717df865bfaeba0c964c35609f9cf6f50021fd391cc59d0f
SHA512: 7a762d905055366023c3212a4f69f5df6704409938da5d290e5ca27fc4383cd57d5225c8d8fa4ae915078b538ef132c056ef9b850732340f3647bb92f7090c0a
Static task: static1
Behavioral task: behavioral1
Sample: New Order.exe
Resource: win7v20201028
Malware Config
Extracted
asyncrat
0.5.7B
takerman.ddns.net:5141
AsyncMutex_6SI8OkPnk
aes_key: cJ7XUgj7IqMks2RX7KGpnLnPt3quOclT
anti_detection: false
autorun: false
bdos: false
delay: Default
host: takerman.ddns.net
hwid: 3
install_file:
install_folder: %AppData%
mutex: AsyncMutex_6SI8OkPnk
pastebin_config: null
port: 5141
version: 0.5.7B
Targets
Target: New Order.exe
Async RAT payload
Suspicious use of SetThreadContext